Zip - FIPS 140-2 compliant mode

Question

The release notes for Zip for the 2012 R3 version indicates that FIPS 140-2 compliant mode was added. Can this mode be set manually set such that FIPS-approved modules are used even if Windows has not been set to use only FIPS compliant algorithms? If so, how do I do this?

Release Notes: http://www.rebex.net/zip.net/history.aspx

Referenced feature of 2012 R3: ZIP: Added FIPS 140-2 compliant mode in which only FIPS-approved modules are used.

Answer 1

You can manually enable the FIPS mode by setting:

Rebex.Security.Cryptography.CryptoHelper.UseFipsAlgorithmsOnly to true

This will turn on the FIPS mode of Rebex components no matter whether you are on a FIPS enabled Windows system or not. (If you do not specify it manually, Rebex components determine whether you are running on a FIPS enabled Windows system and automatically trigger the FIPS-only mode if needed.)

Comments

Thanks for the quick response.

The Quick Info tool tip for the CryptoHelper.UseFipsAlgorithmsOnly property states "Enables or disables an option that specifies whether only FIPS 140-1 compliant cryptographic algorithm providers are to be used."

Is this tool-tip just out-of-date and the property actually enables FIPS 140-2 compliant cryptographic algorithm providers?

---

Thanks for pointing it out! The property actually enables FIPS 140-2 compliant cryptographic algorithm providers.

The commenct is just out-dated. We will fix the comment for the next release.

---

The comment has been fixed in 2013R3 version of Rebex ZIP. For more information about the new version see blogpost. You can check release notes for complete list of changes in Rebex ZIP.