Does anyone have a complete list of the .NET classes that will throw exceptions when the Windows FIPSAlgorithmPolicy is enabled?
Does anyone have a complete list of the .NET classes that will throw the "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms" Exception when the Windows FIPSAlgorithmPolicy is enabled? Trying to find these at runtime by testing (with the right (wrong) set of parameters) is far from ideal.
The Microsoft documentation for that policy (https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing) does NOT list the classes that will throw exceptions... not even a partial listing.
Some have said all stuff not named "___CryptoServiceProvider" is non-compliant; however, many that are named "___CryptoServiceProvider" are almost certainly not compliant (like MD5CryptoServiceProvider). But based on the following partial listing, that guideline isn't even marginally useful...
There is a partial listing here: https://blog.aggregatedintelligence.com/2007/10/fips-validated-cryptographic-algorithms.html However, it is far from complete and, based on comments, not entirely correct.
Ideally, it would be great to have a table listing all classes that will throw that Exception with the corresponding class that you should use instead. Here's what I believe I know so far:
- RijndaelManaged will throw; use AesCryptoServiceProvider (with SHA1 and 128 bit block size) instead.
- Rijndael will throw; use AesCryptoServiceProvider (with SHA1 and 128 bit block size) instead.
- Rfc2898DeriveBytes does NOT seem to throw, at least with typical arguments.
A complete listing would be very helpful, even without suggested replacements; trying to find all such time bombs via runtime testing is, well, far from reliable.
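The runtime testing the question mentions can be done in one pass with reflection instead of class by class. The following is an added example, not part of the original post: it assumes .NET Framework on Windows with C# 6 or later, and the class name `FipsProbe` and the output labels are made up for illustration. It relies on the FIPS failure surfacing as an `InvalidOperationException` from the constructor, which reflection wraps in a `TargetInvocationException`.

```csharp
// Added example, not code from the original post. Assumes .NET Framework on Windows.
using System;
using System.Linq;
using System.Reflection;
using System.Security.Cryptography;

static class FipsProbe   // hypothetical name
{
    // Base classes whose concrete implementations are candidates for the FIPS check.
    static readonly Type[] Roots =
    {
        typeof(SymmetricAlgorithm), typeof(HashAlgorithm), typeof(AsymmetricAlgorithm)
    };

    static void Main()
    {
        // True when the runtime is enforcing the Windows FIPS policy for this process.
        Console.WriteLine("AllowOnlyFipsAlgorithms = " + CryptoConfig.AllowOnlyFipsAlgorithms);

        // mscorlib and System.Core hold the framework's built-in crypto types.
        var assemblies = new[] { typeof(SHA1).Assembly, typeof(AesCryptoServiceProvider).Assembly }
            .Distinct();

        var candidates = assemblies
            .SelectMany(a => a.GetExportedTypes())
            .Where(t => !t.IsAbstract && Roots.Any(r => r.IsAssignableFrom(t)))
            .OrderBy(t => t.FullName);

        foreach (Type t in candidates)
        {
            ConstructorInfo ctor = t.GetConstructor(Type.EmptyTypes);
            if (ctor == null) { Console.WriteLine("SKIP   " + t.FullName); continue; }
            try
            {
                // Only the default constructor is exercised here.
                (ctor.Invoke(null) as IDisposable)?.Dispose();
                Console.WriteLine("OK     " + t.FullName);
            }
            catch (TargetInvocationException ex) when (ex.InnerException is InvalidOperationException)
            {
                Console.WriteLine("THROWS " + t.FullName);   // FIPS rejection (or another invalid state)
            }
            catch (TargetInvocationException ex)
            {
                Console.WriteLine("OTHER  " + t.FullName + ": " + ex.InnerException.GetType().Name);
            }
        }
    }
}
```

Run it once with the policy disabled and once with it enabled and compare the two outputs. It only catches classes that fail in their default constructor, so anything that throws only for particular parameters still needs a targeted test.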
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
