2.2.2.2.5 HomeGroup Signing Key

HomeGroup Signing Key messages are used to distribute signing keys to the homegroup. The signing keys are used to verify the integrity of signed WSD messages that are sent by homegroup members over WSD.

HomeGroup Signing Key messages are sent within the HomeGroup Record format (section 2.2.2.2), where the following elements are specified:

  • The value of the <RECORDSOURCE> element is set to {CA328F46-E759-4399-82AB-FA92651D1ED2}.

  • The value of the <PERSIST> element is set to 1.

The <HOMEGROUP_DATA> element is populated with the HomeGroup Signing Key message content in the following manner:

 <?xml version="1.0" encoding="utf-8"?>
 <xs:schema id="NewDataSet" xmlns="" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
   <xs:element name="HOMEGROUP_DATA">
     <xs:complexType>
       <xs:sequence>
         <xs:element name="SIGNINGKEYS" type="xs:string" minOccurs="1" />
       </xs:sequence>
     </xs:complexType>
   </xs:element>
   <xs:element name="NewDataSet" msdata:IsDataSet="true" msdata:UseCurrentLocale="true">
     <xs:complexType>
       <xs:choice minOccurs="0" maxOccurs="unbounded">
         <xs:element ref="HOMEGROUP_DATA" />
       </xs:choice>
     </xs:complexType>
   </xs:element>
 </xs:schema>
            

SIGNINGKEYS: The binary version of the encrypted signing key, which is encrypted as specified in section 3.1.4.5.5.

The binary <SIGNINGKEYS> element is sent in the following data format. Every character is a little-endian UTF-16 code unit, so each ASCII character below occupies two bytes, the second of which is 0x00:

  Offset 0, 58 bytes: the text "-----BEGIN CERTIFICATE-----" followed by CR-LF, that is, the byte sequence
  0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x42 0x00 0x45 0x00 0x47 0x00 0x49 0x00 0x4E 0x00 0x20 0x00 0x43 0x00 0x45 0x00 0x52 0x00 0x54 0x00 0x49 0x00 0x46 0x00 0x49 0x00 0x43 0x00 0x41 0x00 0x54 0x00 0x45 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x0D 0x00 0x0A 0x00

  Offset 58, 3260 bytes: EncodedKeyBlob

  Offset 3318, 54 bytes: the text "-----END CERTIFICATE-----" followed by CR-LF, that is, the byte sequence
  0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x45 0x00 0x4E 0x00 0x44 0x00 0x20 0x00 0x43 0x00 0x45 0x00 0x52 0x00 0x54 0x00 0x49 0x00 0x46 0x00 0x49 0x00 0x43 0x00 0x41 0x00 0x54 0x00 0x45 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x2D 0x00 0x0D 0x00 0x0A 0x00

EncodedKeyBlob (3260 bytes): This MUST be generated by the following procedure:

  1. Randomly generate a 2048-bit RSA key pair and encode it as an RSAKeyBlob structure as specified in section 2.2.2.2.5.1. The RSA algorithm is specified in [RFC3447] and recommended methods for generating RSA keys are described in [FIPS186].

  2. Generate a 256-bit AES key [FIPS197] by concatenating the homegroup GUID and the homegroup password and hashing the result with the SHA-256 algorithm [FIPS180-3]. In this procedure, the homegroup GUID is represented in the Curly-Braced String Representation specified in [MS-DTYP] section 2.3.4.3 and encoded as a Unicode string in little-endian UTF-16 encoding with the terminating NULL character and the homegroup password is represented as a Unicode string in little-endian UTF-16 encoding with the terminating NULL character.

  3. Encrypt the RSAKeyBlob generated in Step 1 with the AES key generated in Step 2, using the AES-256 block cipher [FIPS197] in Cipher Block Chaining mode [SP800-38A] with a zero Initialization Vector (IV).

  4. Encode the result from Step 3 with the Base64 encoding scheme specified in [RFC4648] section 4, with a 64-bit line length and a terminating line feed. Note that line feeds are CR-LF combinations.

  5. Represent the result from Step 4 as a Unicode string in little-endian UTF-16 encoding.
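The five steps above, carried through end to end, together with the framing described earlier in this section, as an added Go example. This is not code from MS-HGRP or from any Microsoft implementation. It assumes the following, none of which the section states: PKCS#7 padding of the RSAKeyBlob before AES-CBC (the section names no padding scheme); a line length of 64 Base64 characters per line, which is the reading of "64-bit line length" that yields the 3260-byte EncodedKeyBlob shown in the layout; and constructed inputs (a placeholder GUID, a placeholder password and a 1172-byte filler in place of a real RSAKeyBlob from section 2.2.2.2.5.1). The function names are this example's own. `ParseSigningKeys` is the receiver-side inverse, added only so the result can be checked by round trip; the section specifies generation only.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"fmt"
	"strings"
	"unicode/utf16"
)

// Fixed framing around EncodedKeyBlob in the SIGNINGKEYS layout (sent as UTF-16LE).
const beginMarker = "-----BEGIN CERTIFICATE-----\r\n"
const endMarker = "-----END CERTIFICATE-----\r\n"

// utf16LE encodes s as little-endian UTF-16; no terminator is added here.
func utf16LE(s string) []byte {
	units := utf16.Encode([]rune(s))
	out := make([]byte, 2*len(units))
	for i, u := range units {
		binary.LittleEndian.PutUint16(out[2*i:], u)
	}
	return out
}

// DeriveAESKey is step 2: SHA-256 over the UTF-16LE curly-braced GUID and the
// UTF-16LE password, each followed by its two-byte terminating NULL.
func DeriveAESKey(homegroupGUID, password string) []byte {
	h := sha256.New()
	h.Write(utf16LE(homegroupGUID + "\x00"))
	h.Write(utf16LE(password + "\x00"))
	return h.Sum(nil) // 32 bytes: the AES-256 key
}

// cbcZeroIV is step 3 in either direction: AES-256-CBC with an all-zero IV.
// in must be block-aligned (CryptBlocks panics otherwise); callers ensure that.
func cbcZeroIV(key, in []byte, decrypt bool) []byte {
	block, _ := aes.NewCipher(key) // key is always the 32-byte SHA-256 output
	out, iv := make([]byte, len(in)), make([]byte, aes.BlockSize)
	if decrypt {
		cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, in)
	}
	return out
}

// wrapBase64 is step 4: Base64 in 64-character lines, every line ended by CR-LF.
func wrapBase64(data []byte) string {
	enc, out := base64.StdEncoding.EncodeToString(data), ""
	for len(enc) > 64 {
		out, enc = out+enc[:64]+"\r\n", enc[64:]
	}
	return out + enc + "\r\n"
}

// BuildSigningKeys assembles the binary SIGNINGKEYS value: BEGIN marker,
// EncodedKeyBlob, END marker, with step 5 (UTF-16LE) applied to the whole text.
// The section names no padding scheme; PKCS#7 is this example's assumption.
func BuildSigningKeys(homegroupGUID, password string, rsaKeyBlob []byte) []byte {
	pad := aes.BlockSize - len(rsaKeyBlob)%aes.BlockSize
	pt := append(append([]byte{}, rsaKeyBlob...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	ct := cbcZeroIV(DeriveAESKey(homegroupGUID, password), pt, false)
	return utf16LE(beginMarker + wrapBase64(ct) + endMarker)
}

// ParseSigningKeys is the receiver-side inverse, added for round-trip checking
// (the section specifies generation only). It validates framing and padding.
func ParseSigningKeys(homegroupGUID, password string, value []byte) ([]byte, error) {
	if len(value)%2 != 0 {
		return nil, fmt.Errorf("SIGNINGKEYS length %d is not UTF-16", len(value))
	}
	units := make([]uint16, len(value)/2)
	for i := range units {
		units[i] = binary.LittleEndian.Uint16(value[2*i:])
	}
	text := string(utf16.Decode(units))
	if !strings.HasPrefix(text, beginMarker) || !strings.HasSuffix(text, endMarker) {
		return nil, fmt.Errorf("missing BEGIN/END CERTIFICATE framing")
	}
	body := strings.ReplaceAll(strings.TrimSuffix(strings.TrimPrefix(text, beginMarker), endMarker), "\r\n", "")
	ct, err := base64.StdEncoding.DecodeString(body)
	if err != nil || len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("EncodedKeyBlob is not Base64 of whole AES blocks")
	}
	pt := cbcZeroIV(DeriveAESKey(homegroupGUID, password), ct, true)
	pad := int(pt[len(pt)-1])
	if pad == 0 || pad > aes.BlockSize || !bytes.Equal(pt[len(pt)-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, fmt.Errorf("bad padding: wrong password or corrupted blob")
	}
	return pt[:len(pt)-pad], nil
}

func main() {
	// Constructed inputs: placeholder GUID and password, and a 1172-byte stand-in
	// for the RSAKeyBlob of section 2.2.2.2.5.1 (not a real key).
	v := BuildSigningKeys("{12345678-1234-1234-1234-123456789ABC}", "Example-Password", bytes.Repeat([]byte{0xAB}, 1172))
	fmt.Printf("SIGNINGKEYS: %d bytes, starts % X\n", len(v), v[:8])
}
```

With the 1172-byte stand-in, PKCS#7 padding brings the plaintext to 1184 bytes, whose Base64 text in 64-character CR-LF lines is 1630 characters, or 3260 bytes in UTF-16LE, exactly the EncodedKeyBlob size in the layout; the whole SIGNINGKEYS value is then 58 + 3260 + 54 = 3372 bytes. Two points for anyone reviewing a receiver: the AES key is a single unsalted SHA-256 of the homegroup GUID and password with no key stretching, so the confidentiality of the distributed signing key rests entirely on the password's strength, and because the IV is fixed at zero, two messages carrying the same RSAKeyBlob under the same password produce identical ciphertext.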