Not directly, but you can work around this rather easily by using a shim wrapper.
This implementation is not part of the windows platform FIPS validated cryptographic algolrithms.
This error will occur with most .NET applications including CrossTalk if the host computer has been configured to require cryptographic algorithms to be FIPS compliant. This is not limited to CrossTalk in any manner – in fact this affects many Microsoft products including VSTO, ASP.NET, SQL Server, and more.
For example, MD5 is not FIPS compliant but .NET uses it for object hashes, streaming of generic classes and more. These are not security related issues, but unfortunately, they trigger a FIPS conflict.
To solve this you instruct Windows to ignore the FIPS requirement for your .NET application. To do this you must create a .NET application config file and add an enforceFIPSPolicy entry:
This entry must go in a file that is in the same location as your EXE file and have a .config extension. For example if your EXE is myapp.exe, the .NET application config file would be myapp.exe.config.
This setting is per EXE though and must be set for any EXE which uses CrossTalk. This includes:
- yourapp.exe.config
- bds.exe.config
- CTClassGen (all variants).exe.config
Once this setting is enabled, the FIPS error will no longer appear.
Additional Info
While some government and other users may have a mandate to enable FIPS, most users should not use FIPS unless they need to.
CrossTalk is not infected, Avira sometimes generates a false positive of TR/ATRAPS.Gen. Each time we reported it to Avira, the next Avira update fixed it. Unfortunately Avira’s detection system from time to time fails and produces false positives.
We saw several in 2010, and one in 2011. We have had no reports since 2011. You can report any false positives directly to Avira using this link.
1 | [#761386] Upload via Website – False positive suspicion | 14 Jun 2011 20:41 +0200 | ||
2 | [#652745] Upload via Website | 16 Dec 2010 01:30 +0100 | 16 Dec 2010 04:31 +0100 | Fixed |
3 | [#652744] Upload via Website | 16 Dec 2010 01:29 +0100 | 16 Dec 2010 04:31 +0100 | Fixed |
4 | [#619795] Upload via Website – False positive suspicion | 21 Oct 2010 00:16 +0200 | 21 Oct 2010 10:23 +0200 | Fixed |
5 | [#619791] Upload via Website – False positive suspicion | 21 Oct 2010 00:14 +0200 | 21 Oct 2010 10:23 +0200 | Fixed |
6 | [#615896] Upload via Website – False positive suspicion | 14 Oct 2010 14:38 +0200 | 15 Oct 2010 09:46 +0200 | Fixed |
(Image is out of date, .dll is now named Atozed.CrossTalk.Middle)
This message is a bit misleading as it can happen even when Atozed.CrossTalk.Middle.dll is properly deployed. It is caused by the VCRT loader that Atozed.CrossTalk.Middle.dll uses and occurs when the Visual C++ runtime .dll files are not deployed. Please see the deployment topic in the documentation.
This can occur when either:
- The CrossTalk .dll files or VCRT files are not deployed properly. Please see the deployment topic in the documentation.
- The proper .NET version is not installed.
CrossTalk uses the latest released version of .NET at the time of release. .NET however is backwards compatible and can load any .NET library of the current version, or any older version.
For example, if the CrossTalk release you are using links to .NET 4.6.2, you can use any .NET library for any .NET version from 1.1 to 4.6.2. In some cases for very old .NET versions, some settings may be required in a .config file to accompany your application.