diff --git a/dlls/secur32/lsa.c b/dlls/secur32/lsa.c
index 8752ba1ad81..b89052df01f 100644
--- a/dlls/secur32/lsa.c
+++ b/dlls/secur32/lsa.c
@@ -622,6 +622,27 @@ static SECURITY_STATUS WINAPI lsa_VerifySignature(CtxtHandle *context, SecBuffer
     return lsa_package->user_api->VerifySignature(lsa_context, message, message_seq_no, quality_of_protection);
 }
 
+static SECURITY_STATUS WINAPI lsa_EncryptMessage(CtxtHandle *context, ULONG quality_of_protection,
+    SecBufferDesc *message, ULONG message_seq_no)
+{
+    struct lsa_package *lsa_package;
+    LSA_SEC_HANDLE lsa_context;
+
+    TRACE("%p %#x %p %u)\n", context, quality_of_protection, message, message_seq_no);
+
+    if (!context) return SEC_E_INVALID_HANDLE;
+
+    lsa_package = (struct lsa_package *)context->dwUpper;
+    lsa_context = (LSA_SEC_HANDLE)context->dwLower;
+
+    if (!lsa_package) return SEC_E_INVALID_HANDLE;
+
+    if (!lsa_package->user_api || !lsa_package->user_api->SealMessage)
+        return SEC_E_UNSUPPORTED_FUNCTION;
+
+    return lsa_package->user_api->SealMessage(lsa_context, quality_of_protection, message, message_seq_no);
+}
+
 static const SecurityFunctionTableW lsa_sspi_tableW =
 {
     1,
@@ -649,7 +670,7 @@ static const SecurityFunctionTableW lsa_sspi_tableW =
     NULL, /* AddCredentialsW */
     NULL, /* Reserved8 */
     NULL, /* QuerySecurityContextToken */
-    NULL, /* EncryptMessage */
+    lsa_EncryptMessage,
     NULL, /* DecryptMessage */
     NULL, /* SetContextAttributesW */
 };
@@ -681,7 +702,7 @@ static const SecurityFunctionTableA lsa_sspi_tableA =
     NULL, /* AddCredentialsA */
     NULL, /* Reserved8 */
     NULL, /* QuerySecurityContextToken */
-    NULL, /* EncryptMessage */
+    lsa_EncryptMessage,
     NULL, /* DecryptMessage */
     NULL, /* SetContextAttributesA */
 };