Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-3729

Connection fails when using authentication while FIPS enabled

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • None

      When setting up authentication while FIPS is enabled on the Windows machine the driver will fail to connect due to a usage of MD5 hashing mechanism.

      Exact stack trace:

      Exception Message [A timeout occured after 30000ms selecting a server using CompositeServerSelector{ Selectors = ReadPreferenceServerSelector{ ReadPreference = { Mode = Primary, TagSets = [] } }, LatencyLimitingServerSelector{ AllowedLatencyRange = 00:00:00.0150000 } }. Client view of cluster state is { ClusterId : "1", ConnectionMode : "Automatic", Type : "Unknown", State : "Disconnected", Servers : [{ ServerId: "{ ClusterId : 1, EndPoint : "127.0.0.1:27018" }", EndPoint: "127.0.0.1:27018", State: "Disconnected", Type: "Unknown", HeartbeatException: "MongoDB.Driver.MongoConnectionException: An exception occurred while opening a connection to the server. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
         at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()
         --- End of inner exception stack trace ---
         at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
         at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
         at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)
         at System.Security.Cryptography.MD5.Create()
         at MongoDB.Driver.Core.Authentication.AuthenticationHelper.MongoPasswordDigest(String username, SecureString password)
         at MongoDB.Driver.Core.Authentication.ScramSha1Authenticator.ClientFirst.Transition(SaslConversation conversation, Byte[] bytesReceivedFromServer)
         at MongoDB.Driver.Core.Authentication.SaslAuthenticator.Transition(SaslConversation conversation, ISaslStep currentStep, BsonDocument result)
         at MongoDB.Driver.Core.Authentication.SaslAuthenticator.<AuthenticateAsync>d__7.MoveNext()
      

            Assignee:
            james.kovacs@mongodb.com James Kovacs
            Reporter:
            barak.spoj@sisense.com Barak Spojnikov
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: