Difference between SHA256CryptoServiceProvider and SHA256Managed

Both classes compute SHA-256 hashes, and both produce the same hash for the same input. The .NET SHA256Managed class is supported in all framework versions, while the SHA256CryptoServiceProvider class is supported only from framework 3.5 and above. SHA256CryptoServiceProvider uses the FIPS 140-2 validated Crypto Service Provider (CSP), while SHA256Managed does not (FIPS = Federal Information Processing Standards). SHA256Managed is a pure managed implementation, while SHA256CryptoServiceProvider presumably does the same thing but wraps the CryptoAPI.

Summary

  • Both classes generate the same hash value.
  • SHA256CryptoServiceProvider uses the FIPS 140-2 validated Crypto Service Provider (CSP) while SHA256Managed does not.
  • The .NET SHA256Managed class is supported in all framework versions while the SHA256CryptoServiceProvider class is only supported from framework 3.5 and above.

How to develop software that supports FIPS compliance

When you develop software, you need to use SHA256CryptoServiceProvider for hashing. Otherwise, you will get the following error when you run the application on a system where FIPS compliance is enabled:

Error: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms
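
The following sketch is an added example, not code from the original post. It assumes a .NET Framework 3.5+ console project; the class name FipsHashDemo, the helper HashFipsSafe and the sample input are hypothetical. It hashes through SHA256CryptoServiceProvider in all cases and only compares against SHA256Managed when the FIPS policy is not enforced, so it runs on both kinds of system.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class FipsHashDemo
{
    // Hypothetical helper: always hash through the CSP-backed class,
    // the one the article says works on FIPS-enabled systems.
    static byte[] HashFipsSafe(byte[] data)
    {
        using (SHA256 sha = new SHA256CryptoServiceProvider())
        {
            return sha.ComputeHash(data);
        }
    }

    static string ToHex(byte[] bytes)
    {
        return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
    }

    static void Main()
    {
        // Constructed sample input.
        byte[] data = Encoding.UTF8.GetBytes("abc");

        string cspHex = ToHex(HashFipsSafe(data));
        Console.WriteLine("SHA256CryptoServiceProvider: " + cspHex);

        // True when the Windows FIPS policy is enforced for this process.
        if (CryptoConfig.AllowOnlyFipsAlgorithms)
        {
            Console.WriteLine("FIPS mode is on; skipping SHA256Managed (see the error quoted above).");
            return;
        }

        // Only reached on systems without the FIPS policy: confirm both
        // classes return the same digest for the same input.
        using (SHA256 managed = new SHA256Managed())
        {
            string managedHex = ToHex(managed.ComputeHash(data));
            Console.WriteLine("SHA256Managed:               " + managedHex);
            Console.WriteLine("Digests match: " + (cspHex == managedHex));
        }
    }
}
```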