.NET Core Federal Information Processing Standard (FIPS) compliance
The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government standard that defines minimum security requirements for cryptographic modules in information technology products, as defined in Section 5131 of the Information Technology Management Reform Act of 1996.
.NET Core:
- Passes cryptographic primitives calls through to the standard modules the underlying operating system provides.
- Does not enforce the use of FIPS Approved algorithms or key sizes in .NET Core apps.
The system administrator is responsible for configuring the FIPS compliance for an operating system.
If code is written for a FIPS-compliant environment, the developer is responsible for ensuring that non-compliant FIPS algorithms aren't used.
For more information on FIPS compliance, see the following articles:
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for