Zafer Balkan created MWRAPPER-153:
-------------------------------------
Summary: only-mvnw.cmd fails when FIPS mode is enabled
Key: MWRAPPER-153
URL: https://issues.apache.org/jira/browse/MWRAPPER-153
Project: Maven Wrapper
Issue Type: Bug
Components: Maven Wrapper Scripts
Environment: Tested on Windows 10 and 11
Reporter: Zafer Balkan
h2. Problem
When `only-mvnw.cmd` is used to initiate the wrapper, the script fails due to
MD5.
{code:java}
Exception calling "Create" with "0" argument(s): "This implementation is not
part of the Windows Platform FIPS
validated cryptographic algorithms."
At line:1 char:1
+ $MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().Comp ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : InvalidOperationException {code}
Since the hashes are used within the script, it is easier to replace the line
below
{code:java}
$MAVEN_HOME_NAME =
([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl)
| ForEach-Object {$_.ToString("x2")}) -join '' {code}
with
{code:java}
$MAVEN_HOME_NAME =
([System.Security.Cryptography.SHA256]::Create().ComputeHash([byte[]][char[]]$distributionUrl)
| ForEach-Object {$_.ToString("x2")}) -join '' {code}
h2. Steps to reproduce
* Under
{{{}Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy{}}},
set {{Enabled}} to {{{}1{}}}.
* {{Run only-mvnw.cmd}}
h2. Caveat
The FIPS check works with Powershell 5, not Powershell 7. It looks like the new
PowerShell does not respect the OS configuration as well. So if the script is
run within the new PowerShell, it would succeed due to –or thanks to– this
problem.
I created an issue on their repository for this problem:
https://github.com/PowerShell/PowerShell/issues/24502
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
