Is there a keyed SHA256 hash algorithm that is FIPS compliant for .NET?

假装没事ソ 提交于 2019-12-22 10:56:08

问题


I am creating a keyed SHA256 hash using HMACSHA256 with the following code:

HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(secretKey);
byte[] hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(data));

string hashResult = string.Empty;
for (int i = 0; i < hash.Length; i++)
{
    hashResult += hash[i].ToString("x2"); // hex format
}

This is working just fine, however, it fails in a FIPS enabled environment because HMACSHA256 uses an underlying SHA256Managed implementation which is itself not FIPS compliant.

Searching through MSDN documentation I find that the only SHA256 implementation of KeyedHashAlgorithm is HMACSHA256.

I am required to sign web service requests with a keyed SHA256 hash (so I can't change the hash type), and I must be able to run in a FIPS enabled environment.

Googling shows that both SHA256CryptoServiceProvider and SHA256Cng are FIPS compliant ways to create SHA256 hashes, but neither seem to support the creation of keyed hashes.


回答1:


No, there is not. Here is a list of ones that are (scroll down to FIPS.sys Algorithms section).

A work around I've used int he past is here, but I'm not sure if that will work for web services. This solution could work.




回答2:


I know this is old but it looks like Microsoft addressed this issue. I'm running .NET 4.5.1 on Windows 8. I can't speak to what version of the BCL this was fixed or OS.

this.m_hash1 = HMAC.GetHashAlgorithmWithFipsFallback((Func<HashAlgorithm>) (() => (HashAlgorithm) new SHA256Managed()), (Func<HashAlgorithm>) (() => HashAlgorithm.Create("System.Security.Cryptography.SHA256CryptoServiceProvider")));



回答3:


Officially you may be out of luck, but it should be relatively easy to build a HMAC_SHA256 out of SHA-256. Just take a look at the Wikipedia page to see how easy this is.

Note that it may be the case that HMAC was not approved in FIPS mode because it is vulnerable to side channel attacks. In that case you should make sure that there is some protection against side channel attacks.

It is a bit dangerous to build your own crypto algorithms out of cryptographic primitives. If you yourself will try and claim FIPS level security then this may become an issue. But for most users it is enough if you say that you only use NIST compliant algorithms. It is up to you how far you are willing to go down this line...



来源:https://stackoverflow.com/questions/17862491/is-there-a-keyed-sha256-hash-algorithm-that-is-fips-compliant-for-net

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!