Skip to content

Windows: Test Whether or Not FIPS Is Enabled

You can use any one of the below commands to check if FIPS has been enabled in your windows operating system or not.

Method 1:

If you run the following command it will return a boolean value, If FIPS is enabled it will return true otherwise false.

[System.Security.Cryptography.Cryptoconfig]::AllowOnlyFipsAlgorithms

If FIPS is enabled you will get output like the below show.

You can use the same command and create a function like this.

function Test-FipsEnabled {
  return New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider;
}

Method 2:

Here is the other method to determine whether or not FIPS is enabled. Run the following command in your terminal, you should get an exception as shown below if FIPS is enabled.

New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider

New-Object : Exception calling “.ctor” with “0” argument(s): “This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.”

FIPS enabled output

FIPS not enabled output:

You can use the same command and create a function like this.

Function Test-FipsEnabled {
    try {
        New-Object -TypeName ystem.Security.Cryptography.MD5CryptoServiceProvider
    } catch {
        return $true
    }
    return $false
}
0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments