时间戳

首页 > 解决方案 > 使用 MIP SDK 解密 .msg 文件时出现异常:NoPolicyException:标签策略不包含数据

c# - 使用 MIP SDK 解密 .msg 文件时出现异常:NoPolicyException:标签策略不包含数据

问题描述

我按照这个这个使用 MIP SDK 解密 .msg。以下是我的代码:

class Program
{
    private const string clientId = "[test client id here]";
    private const string appName = "MIPSDKTestApp";

    static void Main(string[] args)
    {
        Console.WriteLine("Provide path to protected msg file:");
        string inputFilePath = Console.ReadLine();
        string outputFilePath = Path.Combine(Path.GetDirectoryName(inputFilePath), "Unprotected_" + Path.GetFileName(inputFilePath));

        // Initialize Wrapper for File API operations.
        MIP.Initialize(MipComponent.File);

        // Create ApplicationInfo, setting the clientID from Azure AD App Registration as the ApplicationId.
        ApplicationInfo appInfo = new ApplicationInfo()
        {
            ApplicationId = clientId,
            ApplicationName = appName,
            ApplicationVersion = "1.0.0"
        };

        // Instantiate the AuthDelegateImpl object, passing in AppInfo.
        AuthDelegateImplementation authDelegate = new AuthDelegateImplementation(appInfo);

        MipContext mipContext = MIP.CreateMipContext(appInfo,
                                 "mip_data",
                                 LogLevel.Trace,
                                 null,
                                 null);

        // Initialize and instantiate the File Profile.
        // Create the FileProfileSettings object.
        // Initialize file profile settings to create/use local state.
        var profileSettings = new FileProfileSettings(mipContext,
                                 CacheStorageType.OnDiskEncrypted,
                                 new ConsentDelegateImplementation());

        // Load the Profile async and wait for the result.
        var fileProfile = Task.Run(async () => await MIP.LoadFileProfileAsync(profileSettings)).Result;

        // Create a FileEngineSettings object, then use that to add an engine to the profile.
        var customSettings = new List<KeyValuePair<string, string>>();
        customSettings.Add(new KeyValuePair<string, string>("enable_msg_file_type", "true"));

        // Create a FileEngineSettings object, then use that to add an engine to the profile.
        var engineSettings = new FileEngineSettings("[user@tenant]", authDelegate, "", CultureInfo.CurrentCulture.Name);
        engineSettings.Identity = new Identity("[user@tenant]");

        //set custom settings for the engine
        engineSettings.CustomSettings = customSettings;

        var fileEngine = Task.Run(async () => await fileProfile.AddEngineAsync(engineSettings)).Result; // EXCEPTION THROWN HERE

        var handler = Task.Run(async () => await fileEngine.CreateFileHandlerAsync(inputFilePath,
                                                                inputFilePath,
                                                                true)).Result;

        handler.RemoveProtection();

        var result = Task.Run(async () => await handler.CommitAsync(outputFilePath)).Result;
        
        // Application Shutdown
        handler = null; // This will be used in later quick starts.
        fileEngine = null;
        fileProfile = null;
        mipContext = null;

    }
}

但是它会引发以下错误:

NoPolicyException:标签策略不包含数据,CorrelationId=3268dfdf-2ea3-4958-9c72-fe88ae3c6f59,CorrelationId.Description=PolicyProfile,NoPolicyError.Category=SyncFile,NoPolicyError.Category=SyncFile

var fileEngine = Task.Run(async () => await fileProfile.AddEngineAsync(engineSettings)).Result;

能不能指出我做错了什么?

标签: c#microsoft-information-protection

解决方案

您似乎尚未在安全与合规中心 ( https://security.microsoft.com ) 中配置或发布标签策略。

对于此用例,您不一定需要发布标签。将此添加到您的引擎设置中:

engineSettings.ProtectionOnlyEngine = true;

这将跳过加载策略,并且应该允许您解密 MSG 文件。但是,在您发布标签策略并删除该设置之前,您将无法读取或应用标签。

推荐阅读