如果在Windows中启用“在FIPS中使用FIPS兼容算法进行加密,散列和签名”安全策略选项,则尝试在.NET Framework中使用许多加密类将导致InvalidOperationException。默认情况下,ASP.NET使用AES来加密ViewState blob,因此失败。您可以解决此通过增加这样一个关键的web.config:可以使ASP.NET ScriptManager与Windows FIPS安全策略一起使用吗?
<machineKey validationKey="AutoGenerate,IsolateApps" decryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES"/>
以及覆盖你基本ASP.NET使用。我的问题是:我有大量复杂的ASP.NET Web应用程序,它们大量使用ScriptManager(ASP.NET AJAX的基础),并且需要由必须启用FIPS策略设置的政府客户部署。上面有一个ScriptManager任何ASP.NET页面抛出此异常:
[InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.]
System.Security.Cryptography.SHA1Managed..ctor() +3607454
System.Security.Policy.Hash.get_SHA1() +45
System.Web.Handlers.ScriptResourceHandler.GetAssemblyInfoInternal(Assembly assembly) +85
System.Web.Handlers.ScriptResourceHandler.GetAssemblyInfo(Assembly assembly) +99
System.Web.Handlers.RuntimeScriptResourceHandler.GetScriptResourceUrlImpl(List`1 assemblyResourceLists, Boolean zip, Boolean notifyScriptLoaded) +525
System.Web.Handlers.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(List`1 assemblyResourceLists, Boolean zip, Boolean notifyScriptLoaded) +910
System.Web.Handlers.RuntimeScriptResourceHandler.System.Web.Handlers.IScriptResourceHandler.GetScriptResourceUrl(Assembly assembly, String resourceName, CultureInfo culture, Boolean zip, Boolean notifyScriptLoaded) +193
System.Web.UI.ScriptReference.GetUrlFromName(ScriptManager scriptManager, IControl scriptManagerControl, Boolean zip) +306
System.Web.UI.ScriptManager.RegisterUniqueScripts(List`1 uniqueScripts) +169
System.Web.UI.ScriptManager.RegisterScripts() +407
System.Web.UI.ScriptManager.OnPagePreRenderComplete(Object sender, EventArgs e) +200
System.Web.UI.Page.OnPreRenderComplete(EventArgs e) +11041982
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3672
即使添加了<enforceFIPSPolicy enabled="false"/>
元素的web.config不能解决例外。
有什么办法可以配置ASP.NET,使ScriptManager可以与Windows FIPS安全策略一起使用?从微软