Strange SEC_E_OUT_OF_SEQUENCE in Negotiate EncryptMessge/DecryptMessage



Hi All

I'm practicing SSPI programming for Negotiate. After the security
context is established on both sides, I've done these things:

Client create B=EncryptMessage(A) and send B to server
Server create C=DecryptMessage(B)
Server create D=MakeSignature(C) and send D to client
Client check VerifySignature(A,D)

Until now, everything is OK, and I do it reversely:

Server create F=EncryptMessage(E) and send F to client
Client call DecryptMessage(F) and SEC_E_OUT_OF_SEQUENCE is returned.

Can anyone tell me what I'm missing here? i thought as long as each
generated token is processed by the peer then this error should not
appear.

Thanks
Goo

.



Relevant Pages

  • Re: What doesnt lend itself to OO?
    ... > system design within that context seriously). ... >>The first line exists in the server. ... > objects between client and server i.e. as far as the client code is ... the message data packet data in the server between requests, ...
    (comp.object)
  • Re: UnauthorizedAccessException when using MSDTC
    ... dispatcher2 is the user logged on the client pc. ... Event Source: Security ... Object Server: SC Manager ... Primary Domain: BLITZ ...
    (microsoft.public.data.ado)
  • Re: Routing and Remote Access - Authentication Failure
    ... because the real client computer can tunel through it's local NAT router, ... travel the Intrenet, join the VPN and access the server, when this feature ... Their security system decided that the server was trying to steel ...
    (microsoft.public.windows.server.networking)
  • Re: MERGE as the imperative form of aggregation
    ... Assume the below executes on a client machine, ... and the relvar T is on a distinct server machine. ... Introducing context sensitivities into expression evaluation rules ... ambiguity in view updates. ...
    (comp.databases.theory)
  • Re: WCF security advice (and clarification) needed
    ... You, the client, resolve the foo.mycompany.com hostname within your ... TCP/IP) with that ticket as the security token. ... There are two parties participating in a security scenario, the server ... HTTP supports other authentication ...
    (microsoft.public.dotnet.framework.webservices)