Re: 3DES with PROV_RSA_FULL ???

From: Eric (eric.h@netcourrier.com)
Date: 08/12/02


From: "Eric" <eric.h@netcourrier.com>
Date: Mon, 12 Aug 2002 17:19:23 +0200


Hi Mark,

I am sorry to read like a lawyer and I don't pretend anything, I am new in
using CryptoAPI and as for anything new I just refer to the
documentation.....
I don't have any background information about laws restriction in 99'. This
is why I was surprised I could use 3DES with PROV_RSA_FULL
This is also the reason I post on this group, I am not stuck with the docs
and I like to have experience from other people...
You know, this CAPI doc is very hard for newbies because it has a lot of out
of date information.... Hopefully we have this newsgroup :-)
Thanks again for your help.
Regards.
Eric

"Mark_Pryor" <mpryorVB@netsprintmail.com> wrote in message
news:#4Dl48gQCHA.3772@tkmsftngp08...
> Hi,
> Eric <eric.h@netcourrier.com> wrote in message
> news:#zvHfycQCHA.2676@tkmsftngp10...
> > Thanks for you answers Mark and you,
> >
> > I am not talking about the Provider which does support 3DES as written
in
> > the API doc.
> > As i understand, each provider must be used with a provider type. This
> > provider type supports a set of algorithms within the overall set of
> > algorithms supported by the Provider.
> > That means "Enhanced Provider" can support some algorithms which are not
> > part of some provider types.
> > In the API doc it is written that "Enhanced Prov" support 3DES but the
> > PROV_RSA_FULL type does not include this algorithm...So i would need to
use
> > another provider type (that includes 3DES) along the "Enhanced provider"
in
> > order to use 3DES.
> >
> > I don't know if I am right and I would appreciate if someone could
clarify
> > it...
>
> Yes you are right. The PROV_RSA_FULL is documented to only
> allow the RC2, RC4 algorithms.
>
> Why do you read the SDK Docs like a lawyer? Let the API speak for itself,
> especially when it has methods like
> CryptGetProvParam / dwParam=PP_ENUMALGS
>
> that expose the allowed algorithms. The latest release of WinXP allows
> AES. Are you going to pretend that it shouldn't work cause those
> ancient Docs don't mention it?
>
> Most of the pages in the Crypto Docs were written in the early
> days of IE5 (Nov 1999), when the laws restricting export of strong
> cryptography were still on the books. They only mention a minimal
> set of algos included with the Base provider.
>
> regards,
> Mark Pryor
>
>
>



Relevant Pages

  • Re: C# OLE DB sample?
    ... to do this because you need a provider for OLE DB to work with CSV files. ... Mark made a guess as to what you were trying to do. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: FlexiProvider: an open source cryptography provider for the JCA/JCE
    ... >> With this email we would like to introduce the FlexiProvider, ... >> source cryptography service provider for the Java Cryptography ... It currently includes the following algorithms: ... More portable (i.e. provider independent) is to search the list of keys ...
    (sci.crypt)
  • Re: FlexiProvider: an open source cryptography provider for the JCA/JCE
    ... >> With this email we would like to introduce the FlexiProvider, ... >> source cryptography service provider for the Java Cryptography ... It currently includes the following algorithms: ... More portable (i.e. provider independent) is to search the list of keys ...
    (sci.crypt)
  • Re: Microsoft CryptoAPI CSP Availability
    ... what makes you think that you do not have these algorithms installed? ... "Microsoft Strong Cryptographic Provider" providers ... the SHA-1 algorithm has shipped with every version of Windows ...
    (microsoft.public.dotnet.security)
  • Re: wmi & dynamic disks
    ... Thanks Lee but I have already looked at these providers and the drive types ... Mark ... > VBScript - at least you can see what the WMI provider is. ...
    (microsoft.public.scripting.vbscript)