2.2.6.2 Office Binary Document RC4 Encryption

In a file that is password protected by using Office binary document RC4 encryption as specified in [MS-OFFCRYPTO] section 2.3.6, FibBase.fEncrypted MUST be 1 and FibBase.fObfuscated MUST be 0.

The EncryptionHeader, as specified in [MS-OFFCRYPTO] section 2.3.6.1, MUST be written in unencrypted form in the first FibBase.lKey bytes of the Table stream. The remainder of the Table stream, the WordDocument stream beyond the initial 68 bytes, and the entire Data stream MUST be encrypted.

These three streams of data MUST be encrypted in 512-byte blocks. The block number MUST be set to zero at the beginning of the stream and MUST be incremented at each 512-byte boundary. The encryption algorithm MUST be carried out at the beginning of the Table stream and the WordDocument stream even though some of the bytes are written in unencrypted form.

All other streams and storages MUST NOT be encrypted.