5.1.5 MAC Generation

Generation of a MAC checksum follows a method similar to that specified in [MS-RDPBCGR] section 5.3.6.1. Note that SHA-1 hash is used. Also note that the "+" symbol is used in the following procedure to represent concatenation of the keys.

 MACData = MD5(MAC-salt-key + pad2 + SHA-1 (MAC-salt-key + pad1
           + data-length + data-content))

The Pad1field is the value 0x36 repeated 40 times, the pad2 field is the value 0x5C repeated 48 times, the data-length field is the length of the data to encrypt expressed as a little-endian (Intel-ordered) UINT32, and the data-content field is the full set of data to be encoded.

The MAC salt key is given by the first 128 bits of the licensing session key BLOB. For licensing session key BLOB and MAC salt key generation, see section 5.1.2.