FIPS Build server fails on Run Code Analysis

Yesterday one of our .net core builds started failing in the “Run Code Analysis” phase of the process.

SonarScanner for MSBuild 4.9
Using the .NET Framework version of the Scanner for MSBuild
Post-processing started.
09:07:42.165  Fetching code coverage report information from TFS...
09:07:42.165  Attempting to locate a test results (.trx) file...
09:07:44.571  Looking for TRX files in: D:\agents\agent2\_work\180\TestResults
09:07:44.571  No test results files found
09:07:45.602  Did not find any binary coverage files in the expected location.
09:07:45.602  Falling back on locating coverage files in the agent temp directory.
09:07:45.602  Searching for coverage files in D:\agents\agent2\_work\_temp

##[error]Unhandled Exception:
##[error]System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
   at System.Security.Cryptography.SHA256Managed..ctor()
   at SonarScanner.MSBuild.TFS.BuildVNextCoverageSearchFallback.<>c.<FindCoverageFiles>b__5_0(String fullFilePath)

Due to requirements of our project the build server must have FIPS enabled, and it looks like according to the changes made in the Azure DevOps plugin version 4.10.0 that was just released, it added a SHA256Managed algorithm which is not FIPS compliant.

Hi @jgillette

Sorry to get back to you so late.
Turns out we made an update on the Scanner for MSBuild 4.10 version is available, which should get rid of your error.

Can you let us know ?

Thanks.
Mickaël

Yes, after I posted a bug report on github, someone fixed the issue within a week and when our Azure DevOps server pulled the new version of the plugin the builds started working again.

Thanks!
Jonathan

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.