Reading a PFILE protected PDF
Hello,
We've heard a request for a simple code example for reading a PFILE protected PDF file so, here's a code snippet (below) that accomplishes the basic option. In order to preserve and enforce the protected document’s rights the app will need to get the license key then check the rights of the current user before decryption the file.
NOTE: Only use the RMS_AWARE flag only if you are going to properly enforce the rights.
// get the license and key
PCWSTR wszInputFilePath = …; // input file path
PIPC_BUFFER pvLicense = NULL;
IPC_KEY_HANDLE hKey = NULL;
hr = IpcfGetSerializedLicenseFromFile(wszInputFilePath, &pvLicense);
hr = IpcGetKey(pvLicense, 0, NULL, NULL, &hKey);
// check access rights and proceed if the user has sufficient rigths
BOOL fCanPrint = FALSE, fCanComment = FALSE;
hr = IpcAccessCheck(hKey, IPC_GENERIC_PRINT, &fCanPrint);
hr = IpcAccessCheck(hKey, IPC_GENERIC_COMMENT, &fCanComment);
// decrypt the protected file if the user has the sufficient rights
// if (fCanPrint & fCanComment)
PCWSTR wszOutputDirectory = …; // directory to output the decrypted file (e.g. temp directory)
PCWSTR wszOutputFilePath = NULL; // output parameter to return the path of the decrypted file
hr = IpcfDecryptFile(wszInputFilePath, IPCF_DF_FLAG_OPEN_AS_RMS_AWARE, NULL, wszOutputDirectory, &wszOutputFilePath);
// clean up
IpcFreeMemory(const_cast<PWSTR>(wszOutputFilePath));
IpcFreeMemory(pvLicense);
IpcCloseHandle(reinterpret_cast<IPC_HANDLE>(hKey));
Bruce Perler on behalf of Dan Plastina
Comments
- Anonymous
November 17, 2015
hello The program which run by a domain user read permissions from file protected by policy of Windows azure right management service. code snippet byte[] licenseByte = SafeFileApiNativeMethods.IpcfGetSerializedLicenseFromFile("C:\test.docx"); SafeInformationProtectionKeyHandle keyHandle= SafeNativeMethods.IpcGetKey(licenseByte , false, false, false); TemplateInfo template = SafeNativeMethods.IpcGetSerializedLicenseDescriptor(licenseByte , keyHandle, null); domain user: rmsuser1 online service account:Lucy@detecter.com when the second row is executed,a excepiton is thrown Microsoft.InformationProtectionAndControl.InformationProtectionException: You have not been granted the rights necessary to complete the specified operation. Contact the content owner for additional rights. HRESULT: 0x80040211 How to resolve it,can you help me Thanks