#2368 FIPS Mode Not Enforcing

[Jonah Logan Allen]

Hello,

I am locking down KeePass to meet our security requirements, but i noticed that KeePass is not enforcing FIPS compliance. I can still make/open databases that were made using ChaCha20/Argon(X). The version of KeePass i am using is 2.57.1. I have copied my configuration files for KeePass to this ticket as well as it could simply be user error.

Please note for the keepass.exe.config file i have tried both
"you can enable the usage of FIPS-validated algorithm implementations by opening the 'KeePass.exe.config' file using a text editor and deleting the line '<enforcefipspolicy enabled="false">'.</enforcefipspolicy>

and just keeping the line and changing "False" to "True".

Either way its not doing the desired behavior.

[Jonah Logan Allen]

Additonally i would like to note that i tried this on both the portable version (Same version) and the installed version. The installed version the configuration is placed here (C:\Program Files (x86)\KeePass2x)