Secur32.dll using FIPS 140 certified crypto

---

• From: Mike L <MikeL@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Thu, 16 Oct 2008 06:30:02 -0700

---

Hello,

Does anyone know if Secur32.dll calls are actually calling a FIPS 140
certified crypto provider(ie rsaenh.dll, bcrypt.dll module listed on NIST's
site) ? We are calling secur32.dll using InitSecurityInterfaceA to get
function pointers for the following methods:

AcquireCredentialsHandleA
InitializeSecurityContextA
EncryptMessage
DecryptMessage
etc.

So, the question is whether these methods actually use the FIPS certified
crypto providers. Also, is there a url that documents this for reference
purposes in a FIPS security policy ?

thank you,
Mike
.

---

• Prev by Date: Change permissions of a file.
• Next by Date: Re: How to re-authenticate user once logged on.
• Previous by thread: Change permissions of a file.
• Next by thread: CryptAcquireContext fails with "ERROR_FILE_NOT_FOUND"
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2008-10