Databases
StackOverflow2013
Postsdbo
POEncryptMessage returns SEC_E_INVALID_TOKEN
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POEncryptMessage returns SEC_E_INVALID_TOKEN
    text
    copied!<p>When using the EncryptMessage (SChannel) from the win32 API with a valid context, I am supplying the four buffers in the correct order I get the SEC_E_INVALID_TOKEN response which according to the documentation is No SECBUFFER_DATA type buffer was found. I know that the set of pvBuffers should be allocated from contiguous memory for speed but for simplicity I have made it obvious what is what. Can anyone see what the problem could be?</p> <p>Thanks, Bruce</p> <p>The code is the following;</p> <pre><code>procedure TTCPSocket.SSPEncryptBuffer(SSPCtx: PCtxtHandle; InData: PAnsiChar; InDataLength: Cardinal); var SecStatus: TSecurityStatus; SecBufDesc: TSecBufferDesc; SecBufs: packed array [0 .. 3] of TSecBuffer; begin SecBufs[0].BufferType := SECBUFFER_STREAM_HEADER; SecBufs[0].cbBuffer := FSecPkgSizes.cbHeader; SecBufs[0].pvBuffer := AllocMem(FSecPkgSizes.cbHeader); SecBufs[1].BufferType := SECBUFFER_DATA; SecBufs[1].cbBuffer := InDataLength; SecBufs[1].pvBuffer := InData; SecBufs[2].BufferType := SECBUFFER_STREAM_TRAILER; SecBufs[2].cbBuffer := FSecPkgSizes.cbTrailer; SecBufs[2].pvBuffer := AllocMem(FSecPkgSizes.cbTrailer); SecBufs[3].BufferType := SECBUFFER_EMPTY; SecBufs[3].cbBuffer := 0; SecBufs[3].pvBuffer := nil; SecBufDesc.ulVersion := SECBUFFER_VERSION; SecBufDesc.cBuffers := 4; SecBufDesc.pBuffers := @SecBufs[0]; SecStatus := EncryptMessage(SSPCtx, 0, @SecBufDesc, 0); if SecStatus &lt;&gt; SEC_E_OK then begin // Error code.. end; end; </code></pre> <p>I used STRACE injected into the executable and this line looks interesting;</p> <pre><code>12/07/2009 23:10:30:635 - SecBuffer #0 BufferType:0x00000007 cbBuffer:5 12/07/2009 23:10:30:636 - SecBuffer #1 BufferType:0x00000001 cbBuffer:13 12/07/2009 23:10:30:636 - SECBUFFER_DATA - 13 byte(s) / EncryptMessage - INPUT ===================================================== 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 0123456789abcdef 0000: 68 65 6c 6c 6f 20 77 6f 72 6c 64 21 00 hello world!. ===================================================== 12/07/2009 23:10:30:636 - SecBuffer #2 BufferType:0x00000006 cbBuffer:36 12/07/2009 23:10:30:636 - SecBuffer #3 BufferType:0x00000000 cbBuffer:0 12/07/2009 23:10:30:636 - *** WARNING : EncryptMessage failed (80090308) *** </code></pre> <p>Which looks as though the OS is getting the correct information.</p> <p>I have searched a bit and found that 80090308 usually means something wrong with the certificate in that the full name of the server should be in the subject, CN=www.foobar.com but this didn't fix the problem either, the certificate and CA are generated with OpenSSL.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload