schannel and MS_ENH_RSA_AES_PROV

  • Question

  • I am using schannel for TLS and am trying to use the algorithm CALG_AES_256 within the "Microsoft Enhanced RSA and AES Cryptographic Provider" (MS_ENH_RSA_AES_PROV). Whenever I set the supported algorithms to an array of 1 and set it to CALG_AES_256 within the SCHANNEL_CRED structure passed to AcquireCredentialsHandle(), I receive an error on the subsequent call to InitializeSecurityContext() of 0x80090331 (The client and server cannot communicate, because they do not possess a common algorithm). It seems schannel is not using the MS_ENH_RSA_AES_PROV and/or cannot support the CALG_AES_256 algorithm. I see no way to instruct schannel to use this provider; does such a way exist?

    I am using Windows 2003 Enterprise Server with SP2 and I can enumerate the MS_ENH_RSA_AES_PROV CSP provider, so I know it's there.

    Wednesday, September 1, 2010 12:24 AM