3.1.5.1.1 Packet Validation

The information specified in the Security Header (section 2.2.2) MUST match the client security mode (section 3.1.1.1).

If the client security mode (section 3.1.1.1) is set to WDSMCTP_SEC_HASH, the server MUST compute the HMAC Hash of the packet (section 2.2.2.1), and the HMAC Hash specified in the Security Header of packet MUST match the value computed by the server.

If the client security mode (section 3.1.1.1) is set to WDSMCTP_SEC_CHECKSUM, the server MUST compute the Checksum of the packet (section 2.2.2.3) and the Checksum specified in the Security Header of the packet MUST match the value computed by the server.

If the client security mode (section 3.1.1.1) is set to WDSMCTP_SEC_NONE, then the packet MUST NOT have any security/validation information.

The server MUST validate that the SessionId (section 2.2.3) matches the SessionId (section 3.1.1.1).

Based on the OpCode field in the Session Header (section 2.2.3), the server MUST validate that all fields required for the packet are specified as per section 2.2.