diff --git a/src/sptps.c b/src/sptps.c
index 5a99055d..386b6fd2 100644
--- a/src/sptps.c
+++ b/src/sptps.c
@@ -439,6 +439,19 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 		return receive_handshake(s, data + 5, len - 5);
 	}
 
+	// Check HMAC.
+	uint16_t netlen = htons(len - 21);
+
+	char buffer[len + 23];
+
+	memcpy(buffer, &netlen, 2);
+	memcpy(buffer + 2, data, len);
+
+	memcpy(&seqno, buffer + 2, 4);
+
+	if(!digest_verify(&s->indigest, buffer, len - 14, buffer + len - 14))
+		return error(s, EIO, "Invalid HMAC");
+
 	// Replay protection using a sliding window of configurable size.
 	// s->inseqno is expected sequence number
 	// seqno is received sequence number
@@ -473,19 +486,8 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 	if(seqno > s->inseqno)
 		s->inseqno = seqno + 1;
 
-	uint16_t netlen = htons(len - 21);
-
-	char buffer[len + 23];
-
-	memcpy(buffer, &netlen, 2);
-	memcpy(buffer + 2, data, len);
-
-	memcpy(&seqno, buffer + 2, 4);
-
-	// Check HMAC and decrypt.
-	if(!digest_verify(&s->indigest, buffer, len - 14, buffer + len - 14))
-		return error(s, EIO, "Invalid HMAC");
 
+	// Decrypt.
 	cipher_set_counter(&s->incipher, &seqno, sizeof seqno);
 	if(!cipher_counter_xor(&s->incipher, buffer + 6, len - 4, buffer + 6))
 		return false;