This project has moved and is read-only. For the latest updates, please go here.

TransformReflectionInfo FIPS compliance

Topics: Developer Forum
Sep 20, 2010 at 4:51 PM

Hi all,

I've a 2008 server with FIPS enabled and the TransformReflectionInfo step uses an XslTransform which throws an exception during transformation (below).

MD5's not a valid FIPS compliant crypto algorithm - is there a way to set sandcastle to use a different crypto config?


  Unhandled Exception: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
     at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()
     --- End of inner exception stack trace ---
     at System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
     at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
     at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)
     at System.Xml.Xsl.CompiledQuery.Script1.getFileName(String id)
     at <xsl:template match="api">(XmlQueryRuntime {urn:schemas-microsoft-com:xslt-debug}runtime, XPathNavigator {urn:schemas-microsoft-com:xslt-debug}current)
     at <xsl:template match="apis">(XmlQueryRuntime {urn:schemas-microsoft-com:xslt-debug}runtime, XPathNavigator {urn:schemas-microsoft-com:xslt-debug}current)
     at <xsl:template match="/">(XmlQueryRuntime {urn:schemas-microsoft-com:xslt-debug}runtime, XPathNavigator {urn:schemas-microsoft-com:xslt-debug}current)
     at Root(XmlQueryRuntime {urn:schemas-microsoft-com:xslt-debug}runtime)
     at System.Xml.Xsl.XmlILCommand.Execute(Object defaultDocument, XmlResolver dataSources, XsltArgumentList argumentList, XmlWriter writer, Boolean closeWriter)
     at System.Xml.Xsl.XmlILCommand.Execute(XmlReader contextDocument, XmlResolver dataSources, XsltArgumentList argumentList, XmlWriter results)
     at System.Xml.Xsl.XslCompiledTransform.Transform(XmlReader input, XsltArgumentList arguments, XmlWriter results)
     at Microsoft.Ddue.Tools.XslTransformer.Main(String[] args)


Sep 20, 2010 at 8:28 PM

Sandcastle uses MD5 hashing to generate its "GUID" style names.  It's not an actual GUID but an MD5 hash value in GUID format.  You can set the NamingMethod project property to MemberName or HashedMemberName neither of which use the MD5 crypto algorithm.



Sep 20, 2010 at 9:23 PM


Thanks for the response.  The shfbproj's NamingMethod is MemberName, but still throws this error.


Sep 21, 2010 at 3:26 AM

I forgot that SHFB doesn't use the friendly naming transformation file.  You should be able to work around the issue by copying the AddFriendlyFilenames.xsl file over the AddGuidFilenames.xsl file in the %ProgramFiles%\Sandcastle\ProductionTransforms folder.  That way it will use the Sandcastle member naming method for both.