There's a lot of stuff in the MS-OFFCRYPTO document which is necessary in theory, so Microsoft *has* to document it, but which is overkill when considering the needs of just decrypting an Office 2007 document.
While a normal Office 2007 document is a zip file, an encrypted document is an OLE storage file. While an Office 2007 document can be manipulated using the System.Security.Cryptography.Package class, encrypted documents must be handled using the Windows API Storage interfaces and functions. The code that will be attached contains a class that wraps these interfaces functions so you will be able to open and access the file contents.
The reason the file is a storage file rather a zip file seems to be because the Office 2007 team tried to use the Microsoft DRM to implement Office encryption. Micrsoft's DRM technology stores both the payload (the encrypted document) and other information decribing the encryption algorithms and other transforms used to obfuscate the payload. A DRM compliant application can use this information to decode the payload (assuming the application knows the password or license). As a result the DRM technology allows a producer application to use any arbitrary encryption algorithms to create an encrypted payload and describe these algorithms so an capable consumer can decode the payload.
However, Office 2007 doesn't really use the whole DRM infrastructure when encrypting Office documents. Presumably DRM is used so that if a company wants to use the DRM infrastructure to encrypt documents using some proprietary algorithm they can.
In some senses the Office team implements a proprietary encryption mechanism but for some reason, they chose to do so in a way that is not (cannot?) be descibed in DRM compliant terms. A measure of the impact of this approach is that the System.Security.Cryptography.Package class is unable to open an encrpted Office file.
On the plus side, it does mean there's no need to plough through all the DRM encrption/transform descriptions. Instead, you can take a shortcut and read just two streams from the storage file and ignore the rest! The streams to read are EncryptionInfo and EncryptedPackage.
No comments:
Post a Comment