3.1.5.1.1.2 PeerService_ProcessRequestSecurityToken_OutputMessage
The receiving node MUST follow the following sequence of rules for processing this message:
If the value of the ConnectionState data element for the connection is not equal to the Created state, or the node is not the initiator of the connection, the node MUST abort the connection and stop the protocol. This message MUST only be received as a response to a RequestSecurityToken message sent by the initiator of the neighbor connection immediately after establishing the connection.
Verify that the result of security token validation is success. If the validation token is not properly formed (see section 2.2.3.2), the receiving node MUST abort the connection and stop the protocol.
The receiving node MUST retrieve the Authenticator token (contained as a base64-encoded value in the Authenticator element at the path Envelope/Body/RequestSecurityTokenResponse/RequestedSecurityToken/PeerHashToken in the message).
The receiving node MUST compute the sender's Authenticator token using the sender's public key and the password.
The receiving node compares the Authenticator tokens computed in steps 3 and 4. If the byte-wise comparison of these Authenticator tokens fails, the receiving node MUST abort the connection and stop the protocol.
The receiving node MUST transition the value of the ConnectionState data element for the connection to the Authenticated state.
The receiving node SHOULD start the Connect Handshake timer.