You can use any one of the below commands to check if FIPS has been enabled in your windows operating system or not.
Method 1:
If you run the following command it will return a boolean value, If FIPS is enabled it will return true otherwise false.
[System.Security.Cryptography.Cryptoconfig]::AllowOnlyFipsAlgorithms
If FIPS is enabled you will get output like the below show.
You can use the same command and create a function like this.
function Test-FipsEnabled {
return New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider;
}
Method 2:
Here is the other method to determine whether or not FIPS is enabled. Run the following command in your terminal, you should get an exception as shown below if FIPS is enabled.
New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
New-Object : Exception calling “.ctor” with “0” argument(s): “This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.”
FIPS enabled output
FIPS not enabled output:
You can use the same command and create a function like this.
Function Test-FipsEnabled {
try {
New-Object -TypeName ystem.Security.Cryptography.MD5CryptoServiceProvider
} catch {
return $true
}
return $false
}