Prerequisites

• Write a descriptive title.
• Make sure you are able to repro it on the latest released version
• Search the existing issues.
• Refer to the FAQ.
• Refer to Differences between Windows PowerShell 5.1 and PowerShell.

Steps to reproduce

When Windows computers are in FIPS mode, the Powershell 5 prevents weak algorithms according to the FIPS mode to be used. But Powershell 7 ignores that setting.

• Under Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy, set Enabled to 1.
• Start a PowerShell 5 console and paste [System.Security.Cryptography.MD5]::Create(). Expect an exception.
• Start a PowerShell 7 console [System.Security.Cryptography.MD5]::Create(). It should succeed.

Expected behavior

PS> [System.Security.Cryptography.MD5]::Create()
Exception calling "Create" with "0" argument(s): "This implementation is not part of the Windows Platform FIPS
validated cryptographic algorithms."
At line:1 char:1
+ [System.Security.Cryptography.MD5]::Create()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : InvalidOperationException

Actual behavior

PS> [System.Security.Cryptography.MD5]::Create()

HashSize                   : 128
Hash                       :
InputBlockSize             : 1
OutputBlockSize            : 1
CanTransformMultipleBlocks : True
CanReuseTransform          : True

Error details

-

Environment data

PS>  $PSVersionTable

Name                           Value
----                           -----
PSVersion                      7.4.5
PSEdition                      Core
GitCommitId                    7.4.5
OS                             Microsoft Windows 10.0.19045
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Visuals

FIPS mode.zip