Details
-
Bug
-
Status: Open
-
Trivial
-
Resolution: Unresolved
-
None
-
None
-
None
-
Tested on Windows 10 and 11
Description
Problem
When `only-mvnw.cmd` is used to initiate the wrapper, the script fails due to MD5.
Exception calling "Create" with "0" argument(s): "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms." At line:1 char:1 + $MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().Comp ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : InvalidOperationException
Since the hashes are used within the script, it is easier to replace the line below
$MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
with
$MAVEN_HOME_NAME = ([System.Security.Cryptography.SHA256]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
Steps to reproduce
- Under Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy, set Enabled to 1.
- Run only-mvnw.cmd
Caveat
The FIPS check works with Powershell 5, not Powershell 7. It looks like the new PowerShell does not respect the OS configuration as well. So if the script is run within the new PowerShell, it would succeed due to –or thanks to– this problem.
I created an issue on their repository for this problem: https://github.com/PowerShell/PowerShell/issues/24502