使用MIP SDK解密加密的Office 365电子邮件 [英] Decrypting an encrypted office 365 email using MIP SDK

问题描述

我正在关注论坛主题: Azure信息保护|如何解密来自EWS API的.EML?

I am following the forum thread: Azure Information Protection | How to decrypt .EMLs coming from EWS API?

我有兴趣了解解密加密的Office 365电子邮件的步骤. 您能对以下内容发表评论吗?

I am interested in knowing the steps to decrypt an encrypted office 365 email. Can you please comment on the following:

1. 正如您提到的那样，必须将电子邮件转换为.msg文件，所以我的问题是，在将电子邮件(我认为是Mime流)写入msg文件之后，该文件是否将继续加密?

1. As you mentioned that one has to convert the email to .msg file, so my question is, after writing the email (i think Mime stream) to msg file, would the file persists the encryption?

当我们使用EWS api阅读电子邮件时，.rpmsg文件在解密中的作用是什么?解密是加密电子邮件中的附件?

What is the role of .rpmsg file in decryption, which is the attachment inside the encrypted emails, when we read the email using EWS api?

我已经探索了MIP保护和File Api.因此，要使用SetLabel加密文件，我们需要一个敏感标签(来自Office 365 Compliance)，我认为我们必须使用相同的标签来解密电子邮件，然后使用该标签对电子邮件进行加密.同样，是否可以从转换后的.msg文件中获取标签?

I have explored MIP Protection and File Api. So to encrypt a file using SetLabel ,we need a Sensitivity Label (from Office 365 Compliance), I think we would have to use the same label to decrypt an email, using which, the email was encrypted. Again, would it be possible to get the label from converted .msg file?

我在上述论坛链接中提到的F​​ileHandler对象中找不到 Inspect 方法\功能.您能建议如何找到答案吗?

I could not find Inspect method\function in FileHandler object, which you mentioned in above mentioned forum link. Can you please suggest how to find that out?

因此，总而言之，我只想知道使用FileHandler.RemoveProtection()和FileHandler.CommitAsync()来解密加密电子邮件的步骤.

谢谢

推荐答案

其中一个步骤是，SDK容器附带了示例应用程序(

There's a step that it's the sample application that ships with the SDK bins (https://aka.ms/mipsdkbins). We have a draft about ready to publish in docs, but I don't expect that to be available for a week or two.

如果您使用的是C#，则可以使用它启用功能标记.

If you're using C#, you can use this to enable the feature flag.

var customSettings = new List<KeyValuePair<string, string>>();
customSettings.Add(new KeyValuePair<string, string>("enable_msg_file_type", "true"));

// Create a FileEngineSettings object, then use that to add an engine to the profile.
var engineSettings = new FileEngineSettings("user1@tenant.com", "", "en-US");
engineSettings.Identity = new Identity("user1@tenant.com");

//set custom settings for the engine
engineSettings.CustomSettings = customSettings;

这将使您的应用程序能够解密MSG文件并使用检查功能可将message.rpmsg文件解密为字节流.

That will enable your application to decrypt MSG files and to use the Inspect functionality to decrypt message.rpmsg files to byte streams.

请注意，我们不直接支持EML(兼容MIME)消息的解密.您需要转换为MSG或解密从MIME消息中提取的message.rpsmg文件.

It's important to note that we don't directly support decryption of EML (MIME compliant) messages. You'd need to convert to MSG or decrypt the message.rpsmg file extracted from the MIME message.

要回答您的问题:

1. 是的.将EML转换为MSG，并保留加密.您应该能够解密.
2. Message.rpmsg是一个加密信封，其中包含纯文本邮件正文和所有附件.您可以使用Inspect函数来获取解密的字节和附件.请记住，附件也可能被加密，您需要自己递归解密.
3. 您不需要标签信息即可解密邮件.如果要引用MSG文件，则可以使用FileHandler.RemoveProtection()函数或GetDecryptedTemporaryFileAsync()(或流选项).
4. 如果您使用的是.NET，我们不会在1.5(仅C ++)中公开它.我们计划在下周发布MIP SDK 1.6，并将在那里提供.

1. Yes. Convert EML to MSG and the encryption remains. You should be able to decrypt.
2. Message.rpmsg is an encryption envelope that contains the plaintext mail body and all attachments. You can use the Inspect function to get the decrypted bytes and attachments. Keep in mind that attachments might also be encrypted and that you'll need to recursively decrypt on your own.
3. You don't need the label information to decrypt the message. If you're referring to MSG files, you can use the FileHandler.RemoveProtection() function or GetDecryptedTemporaryFileAsync() (or the stream option).
4. If you're using .NET, we didn't expose it in 1.5 (C++ only). We plan to release MIP SDK 1.6 in the next week and it will be available there.

这篇关于使用MIP SDK解密加密的Office 365电子邮件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！