3.1.5.1.1.2.2.5 ct_proof-key

  • Article

The ct_proof-key complex type specifies two public keys that a WOPI server uses to decrypt the values passed in the X-WOPI-Proof and X-WOPI-ProofOld HTTP headers (section 2.2.1). Note that the public keys passed in this complex type decrypt either of the HTTP header values.

The public keys are specified in two different formats.

If you include proof keys in discovery, you SHOULD include X-WOPI-Proof and X-WOPI-ProofOld HTTP headers (section 2.2.1) in all WOPI requests.

Attributes:

oldvalue: A base64-encoded value representing public key information that is compatible with the unmanaged Microsoft Cryptographic API ([MSDN-CAPI]).

value: A base64-encoded value representing public key information that is compatible with the unmanaged Microsoft Cryptographic API ([MSDN-CAPI]).

modulus: A base64-encoded value representing the RSA modulus as described in [RFC3447] section A.1.1. This modulus value MUST only be used with the value of the exponent attribute to produce a complete public key.

oldmodulus: A base64-encoded value representing the RSA modulus as described in [RFC3447] section A.1.1. This modulus value MUST only be used with the value of the oldexponent attribute to produce a complete public key.

exponent: A base64-encoded ([RFC4648]) value representing the RSA publicExponent as described in [RFC3447] section A.1.1. This exponent value MUST only be used with the value of the modulus attribute to produce a complete public key.

oldexponent: A base64-encoded ([RFC4648]) value representing the RSA publicExponent as described in [RFC3447] section A.1.1. This exponent value MUST only be used with the value of the oldmodulus attribute to produce a complete public key.

The following W3C XML schema ([XMLSCHEMA1] section 2.1) fragment specifies the contents of this complex type.

<xs:complexType name="ct_proof-key">
  <xs:attribute name="exponent" type="xs:string" use="required"/>
  <xs:attribute name="modulus" type="xs:string" use="required"/>
  <xs:attribute name="oldexponent" type="xs:string" use="required"/>
  <xs:attribute name="oldmodulus" type="xs:string" use="required"/>
  <xs:attribute name="oldvalue" type="xs:string" use="required"/>
  <xs:attribute name="value" type="xs:string" use="required"/>
</xs:complexType>