[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-capicom
Subject:    Encrypt/Decrypt and Sign/Verify
From:       Anton Soudovtsev <soudovtsev () BLUEWIN ! CH>
Date:       2003-01-28 7:53:42
[Download RAW message or body]

Hello all,

I use SSPI authentication between a client and a server, both on NT4. I use
NTLM mode.
When the authentication is successfully negotiated the clientand the server
can exchange signed/encrypted messages.

But form what I noticed if a server sign/encrypt a message he CAN NOT verify/decrypt
the result.

In my scenario I want the server to sign a message, send it to the client
and, for each request, the client will send back the signed message and the
server will verify this message.

So my server must sign the message and verify this signed message.

How can I adjust the Security Context to achieve this? It seems that the
sequence number is not used.

This also appears for encrypt/decrypt functions.

Thanks,
Anton.
[prev in list] [next in list] [prev in thread] [next in thread]