3.1.6.8 Verify Data Integrity

The Message Authentication Code MUST be computed using the HMAC-SHA1 algorithm (as defined in [RFC4634]), with the shared key.

The Message Authentication Code MUST be for the message digest, as computed in section 3.1.6.7.

Comparison of this Message Authentication Code with the one saved from section 3.1.6.3 MUST be performed. If the Message Authentication Codes do not match, the data integrity verification fails. The message MUST be rejected.