Why does the Create() method of SHA-1 behave differently than that of SHA-256?

Question

Why does the Create() method of the Cng-Type of SHA 1 return a CryptoServiceProvider, while that of SHA 256 returns a Managed?

_{(In other words: Why does SHA1Cng.Create() return a SHA1CryptoServiceProvider, while SHA256Cng.Create() returns a SHA256Managed?)}

(If you can explain why SHA256Cng.Create() was implemented to create a SHA256Managed instead of a SHA256Cng, I'd be interesting in that too. Currently, to create a SHA256Cng we need to use SHA256.Create("System.Security.Cryptography.SHA256Cng").)

We can't look into the minds of .net framework implementors. — Artjom B., Aug 04 '15 at 18:41
@ArtjomB. True. But perhaps there's a reason that's obvious for someone with more knowledge than mine. — ispiro, Aug 04 '15 at 18:43
@ArtjomB. Generally I just ask, but I'm not sure that works with Microsoft. — Maarten Bodewes, Aug 04 '15 at 20:29

score 1 · Answer 1 · edited May 23 '17 at 11:51

1

May be because of framework version. SHA256Cng is newer than SHA256Managed. Some details are here: Difference between SHA256CryptoServiceProvider and SHA256Managed

SHA256Cng has FIPS rules. So you cannot use this class for some encryption/signing class. SHA256Managed hasn't got limitiations. By default FIPS are disabled on OS. If change your OS setting may be default class change: http://www.morgantechspace.com/2014/12/How-to-enable-FIPS-Compliant-algorithms.html

edited May 23 '17 at 11:51

Community

1
1

answered Aug 04 '15 at 18:52

mkysoft

5,392
1
21
30

"SHA256Managed is newer than SHA256Cng" not sure why you say that. [SHA256Managed has been in the framework since .NET 1.0](https://msdn.microsoft.com/en-us/library/system.security.cryptography.sha256managed(v=vs.71).aspx). SHA256Cng appeared in .NET 3.5. – vcsjones Aug 04 '15 at 20:41
You are right, SHA256Cng is newer. I must have read incorrect something. – mkysoft Aug 05 '15 at 20:29

Why does the Create() method of SHA-1 behave differently than that of SHA-256?

1 Answers1