[MS-WCCE] Incorrect CA Exchange certificate algorithm definition

Vadims Podāns 9,126 Reputation points MVP
2021-07-13T13:09:26.387+00:00

In [MS-WCCE], §3.2.1.4.3.2.15.1 several statements are incorrect:

2.a. For the Subject of the exchange certificate, a common name attribute is used with a value the same as the value of the common name attribute in the subject information of the CA signing certificate (Signing_Cert_Certificate datum) and appending "-Xchg" to the value. The Issuer field is filled with the same value as the Subject field.

The last sentence is incorrect, it should be: The Issuer field is filled with the same value as the Subject field of the CA signing certificate.

2.g. If the CA signing certificate contains an Authority Key Identifier extension, add this extension with the same value as in the CA signing certificate (Signing_Cert_Certificate datum). Authority Key Identifier extension is specified in [RFC3280] section 4.2.1.1

AKI extension is not copied from signing certificate. Instead, an SKI (subject key identifier) value is placed in AKI extension of CA Exchange certificate. The correct statement would be:

If the CA signing certificate contains a Subject Key Identifier extension, add this extension value (Signing_Cert_Certificate datum) to the Authority Key Identifier extension of CA Exchange certificate. Authority Key Identifier extension is specified in [RFC3280] section 4.2.1.1

or something like that.

2.h. If the CA signing certificate contains a Subject Key Identifier extension, add this extension with the same value as in the CA signing certificate (Signing_Cert_Certificate datum). Subject Key Identifier extension is specified in [RFC3280] section 4.2.1.2.

Subject Key Identifier value is not copied from anywhere, it is a calculated SHA1 hash over subject's public key (which is not the same as CA key).

2.i. If the CA signing certificate contains an Authority Information Access extension, add this extension with the same value as in the CA signing certificate (Signing_Cert_Certificate datum). Authority Information Access extension is specified in [RFC3280] section 4.2.2.1.

2.j. If the CA signing certificate contains a CRL Distribution Point extension, add this extension with the same value as in the CA signing certificate (Signing_Cert_Certificate datum). CRL Distribution Point extension is specified in [RFC3280] section 4.2.1.14.

AIA and CDP extensions are not copied from CA certificate, instead it is constructed using CA configuration, specifically AIA and CDP extension configuration.

2.m. The value for the Signature Algorithm field is the name of the CA signing algorithm. The Signature Algorithm field is specified in [RFC3280] section 4.1.1.2.

as above, signature algorithm is determined by CA configuration, which may differ from what is used in CA certificate itself.

Windows Open Specifications
Windows Open Specifications
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Open Specifications: Technical documents for protocols, computer languages, standards support, and data portability. The goal with Open Specifications is to help developers open new opportunities to interoperate with Windows, SQL, Office, and SharePoint.
42 questions
{count} votes

Accepted answer
  1. Jeff McCashland 476 Reputation points Microsoft Employee
    2021-08-27T22:04:06.497+00:00

    We have updated [MS-WCCE] for the next release of the document:

    3.2.1.4.3.2.15.1 Creating a CA Exchange Certificate

    1. If an exchange certificate wasn't created in previous steps, create it by adding the following fields and extensions:
    2. For the Subject of the exchange certificate, a common name attribute is used with a value the same as the value of the common name attribute in the subject information of the CA signing certificate (Signing_Cert_Certificate datum) and appending "-Xchg" to the value. The Issuer field is filled with the same value as the Subject field of the CA signing certificate (Signing-_Cert_Certificate datum).
    3. The Authority Key Identifier extension is added with the same value as the Subject Key Identifier extension in the CA signing certificate (Signing_Cert_Certificate datum). If the Subject Key Identifier extension is not found in the CA signing certificate (Signing_Cert_Certificate datum), then the SHA1 hash of the public key of CA signing certificate (Signing_Cert_Certificate datum) is used as the value for the Authority Key Identifier extension. The Authority Key Identifier extension is specified in [RFC3280] section 4.2.1.1.
    4. The Subject Key Identifier extension is added with the same value as the SHA1 hash of the public key associated with the exchange certificate. The Subject Key Identifier extension is specified in [RFC3280] section 4.2.1.2.
    5. The Authority Information Access extension is added with the same value the CA returns when ICertRequestD2::GetCAProperty is called for PropID of CR_PROP_CERTAIAURLS and propIndex of 0xFFFFFFFF. See section 3.2.1.4.3.2.42 for details on how this value is computed. The Authority Information Access extension is specified in [RFC3280] section 4.2.2.1.
    6. The CRL Distribution Point extension is added with the same value the CA returns when ICertRequestD2::GetCAProperty is called for PropID of CR_PROP_CERTCDPURLS and propIndex of 0xFFFFFFFF. See section 3.2.1.4.3.2.43 for details on how this value is computed. The CRL Distribution Point extension is specified in [RFC3280] section 4.2.1.14.

    We're still working on item 13.

    Best Regards,
    Jeff McCashland
    Microsoft Open Specifications


2 additional answers

Sort by: Most helpful
  1. Jeff McCashland 476 Reputation points Microsoft Employee
    2021-07-23T22:43:15.807+00:00

    Hi Crypt32,

    I have been able to confirm all of your comments except for 1.

    It appears to me that the AIK is constructed from the Issuer's KeyID, Name, and SerialNumber, rather than being copied from anywhere.

    I have filed a request to update the documentation, and will follow up with it.

    Thanks,
    Jeff McCashland
    Microsoft Open Specifications


  2. Jeff McCashland 476 Reputation points Microsoft Employee
    2021-08-04T20:25:53.75+00:00

    Hi Crypt32,

    We're continuing to dig into the code to understand the last few items. You can use the title of this thread as your subject, or whatever makes sense to you.

    Thanks,
    Jeff McCashland
    Microsoft Open Specifications


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.