3.4.9.1 Signature Creation for GSS_VerifyMICEx()

For NTLMv1, all input data buffers where signed==TRUE are concatenated together and the signature is verified against the resulting concatenated buffer. For NTLMv2, the signature is verified for all of the input data buffers including the buffers where signed==FALSE.

Section 3.4.2 specifies the algorithm used by GSS_VerifyMICEx() to create the signature to verify against. The per_msg_token contains the NTLMSSP_MESSAGE_SIGNATURE structure (section 2.2.2.9).