Strange SEC_E_OUT_OF_SEQUENCE in Negotiate EncryptMessge/DecryptMessage

From: Speedo <speedogoo@xxxxxxxxx>
Date: Fri, 18 Jul 2008 03:20:24 -0700 (PDT)

Hi All

I'm practicing SSPI programming for Negotiate. After the security
context is established on both sides, I've done these things:

Client create B=EncryptMessage(A) and send B to server
Server create C=DecryptMessage(B)
Server create D=MakeSignature(C) and send D to client
Client check VerifySignature(A,D)

Until now, everything is OK, and I do it reversely:

Server create F=EncryptMessage(E) and send F to client
Client call DecryptMessage(F) and SEC_E_OUT_OF_SEQUENCE is returned.

Can anyone tell me what I'm missing here? i thought as long as each
generated token is processed by the peer then this error should not
appear.

Thanks
Goo

.

Prev by Date: Can a service, running as NetworkService, access a remote Named Pipe?
Next by Date: Use Session Key for a Service after Authentication in Active Direc
Previous by thread: Can a service, running as NetworkService, access a remote Named Pipe?
Next by thread: Use Session Key for a Service after Authentication in Active Direc
Index(es):
- Date
- Thread

Relevant Pages

Re: What doesnt lend itself to OO?
... > system design within that context seriously). ... >>The first line exists in the server. ... > objects between client and server i.e. as far as the client code is ... the message data packet data in the server between requests, ...
(comp.object)
Re: UnauthorizedAccessException when using MSDTC
... dispatcher2 is the user logged on the client pc. ... Event Source: Security ... Object Server: SC Manager ... Primary Domain: BLITZ ...
(microsoft.public.data.ado)
Re: Routing and Remote Access - Authentication Failure
... because the real client computer can tunel through it's local NAT router, ... travel the Intrenet, join the VPN and access the server, when this feature ... Their security system decided that the server was trying to steel ...
(microsoft.public.windows.server.networking)
Re: MERGE as the imperative form of aggregation
... Assume the below executes on a client machine, ... and the relvar T is on a distinct server machine. ... Introducing context sensitivities into expression evaluation rules ... ambiguity in view updates. ...
(comp.databases.theory)
Re: WCF security advice (and clarification) needed
... You, the client, resolve the foo.mycompany.com hostname within your ... TCP/IP) with that ticket as the security token. ... There are two parties participating in a security scenario, the server ... HTTP supports other authentication ...
(microsoft.public.dotnet.framework.webservices)