[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Session key size in Simplified Messaging
From: Eric Klein <erick () SOFTSHARE ! COM>
Date: 1997-10-28 2:00:38
[Download RAW message or body]
Hello again,
I know I have asked this question in the past, but there has
never really been an answer, and I am at a point where I really
need to know.
Is there any way to create a message using the simplified
messaging functions, and the Enhanced provider that is
encrypted with RC2 128-bit?
What happens: I call CryptEncryptMessage, and the
CRYPT_ENCRYPT_PARA is set to use the enhanced
provider, and szOID_RSA_RC2CBC. It will always encrypt
with RC2 40-bit (not 128-bit as the docs says that the
enhanced provider must).
I would very much like to offer our users the choice of
algorithms based on the CSP, and what they report from the
call CryptGetProvParam with PP_ENUMALGS, however
since the Enhanced CSP reports 128-bit RC2, but actually
uses 40-bit, I have no reliable way of knowing what a given
CSP will use in the simplified messaging functions
(since the Enhanced provider does not report properly).
In addition, this causes a possible problem with the law.
Since (for the time being), the Enhanced CSP uses 40-bit, we
rely on that, but if we offer it to our users and in the future it
changes to 128-bit, and they send mail outside the US
thinking that it is 40-bit (even though it is actually 128-bit)
they will be violating ITAR regulations.
I would greatly appreciate enlightenment on this issue.
(Especially I would like to find out if and when this bug in
the Enhanced CSP will be addressed).
Eric Klein
Softshare
erick@softshare.com
----------------------------------------------------------------
Users Guide http://www.microsoft.com/sitebuilder/resource/mailfaq.asp
contains important info including how to unsubscribe. Save time, search
the archives at http://microsoft.ease.lsoft.com/archives/index.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic