FIPS Validation ?

Oct 13, 2015 at 5:44 PM
I want to use this code, but I am not a cryptographer. Is this on a FIPS validation path? Access to the source code does me know good, as I am not up to the task of vetting this.

Feb 23, 2016 at 3:48 PM
Depending on what you mean, either yes or no :).

This library won't be submitted for FIPS validation; but this library doesn't provide any cryptographic implementations. It just defers into the Windows CNG libraries, which are FIPS validated. The same story is true of the cryptography types in the .NET Framework.

Some pieces of this library have started making their way into the .NET Framework; so (depending on what, in particular, you're after) you can either use this library, or the .NET Framework usage of this tech, and be using the same underlying validated library.