I am using schannel for TLS and am trying to use the algorithm CALG_AES_256 within the "Microsoft Enhanced RSA and AES Cryptographic Provider" (MS_ENH_RSA_AES_PROV). Whenever I set the supported algorithms to an array of 1 and set it to CALG_AES_256 within the SCHANNEL_CRED structure passed to AcquireCredentialsHandle(), I receive an error on the subsequent call to InitializeSecurityContext() of 0x80090331 (The client and server cannot communicate, because they do not possess a common algorithm).
It seems schannel is not using the MS_ENH_RSA_AES_PROV and/or cannot support the CALG_AES_256 algorithm. I see no way to instruct schannel to use this provider. Does such a way exist?
I am using Windows 2003 Enterprise Server with SP2 and I can enumerate the MS_ENH_RSA_AES_PROV CSP provider, so I know it's there.