Foxit PDF Editor provides a FIPS mode to make data protection compliant with Federal Information Processing Standard (FIPS). FIPS mode uses FIPS 140-2 approved algorithms to establish requirements for various purposes including the cryptographic modules of software and hardware.
The system administrator can configure FIPS mode in the Windows registry by the following steps (Take Foxit PDF Editor 11.0 for example):
- Open the Registry Editor and navigate to the registry: HKEY_CURRENT_USER\SOFTWARE\Foxit Software\Foxit PDF Editor 11.0
- Right-click Foxit PDF Editor 11.0, and choose New > DWORD (32-bit) Value.
- Name the new value “bFIPSMode” and set the value data to 1.
In FIPS mode, the following security options are not available:
- Applying password-based security policies to documents, and AIP encryption. You can use public key certificates to secure the document.
- Creating self-signed certificates. To create a self-signed digital ID, it must be saved to the Windows certificate store. You cannot create a self-signed digital ID that is saved to a file.
- RC4 encryption. A PDF file can only be encrypted using the AES encryption algorithm when in FIPS mode.
- MD5 or RIPEMD160 digest methods. In FIPS mode, only the SHA-1 and SHA-2 families of digest algorithms can be used when you create a digital signature.
Note: In FIPS mode, you can open and view documents that are protected with algorithms that are not FIPS compliant. However, you can’t save any changes to the document protected with password and AIP protection.