使用RMS API 自定义Office(Word、Excel、PPT)加密策略
什么是RMS:
Microsoft Windows Rights Management 服务 (RMS),是一种与应用程序协作来保护数字内容(不论其何去何从)的安全技术,专为那些需要保护敏感的 Web 内容、文档和电子邮件的用户而设计。用户可以严格规定哪些用户可以打开、读取、修改和重新分发特定内容。组织可以创建权限策略模板,以实施用户应用于内容的策略。
准备工作1:
下载并添加引用以下3个DLL:
Microsoft.Office.Interop.Excel.dll
Microsoft.Office.Interop.PowerPoint.dll
Microsoft.Office.Interop.Word.dll
并在dll的属性中,把“嵌入互操作类型”设为False
添加以下引用:
在添加引用-程序集-扩展中,引用office ,(或引用Microsoft Office 14.0 Object Library)
在添加引用-程序集-框架中,引用PresentationCore和PresentationFramework
准备工作2:
打开word或者Excel等office文件,在信息-保护文档-限制访问-选择连接到权限管理服务器并获取模版,登陆域账号,后续在RMS加密工作将会使用这个域账号进行:
代码:
EncryptFile.cs
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using System.Threading.Tasks;
- using Microsoft.Office.Core;
- namespace WindowsFormsApplication1
- {
- class EncryptFile
- {
- /// <summary>
- /// 加密Word
- /// </summary>
- /// <param name="filemodel">文件属性</param>
- /// <param name="path">文件路径</param>
- /// <returns>加密结果</returns>
- public static bool EncryptWord(RMSFileModel filemodel, string path)
- {
- var wordClass = new Microsoft.Office.Interop.Word.ApplicationClass();
- Microsoft.Office.Interop.Word.Document mydoc = wordClass.Documents.Open(filemodel.FSourcePath);
- try
- {
- DateTime exprieDateTime = new DateTime(2027, 05, 19);
- if (mydoc != null)
- {
- mydoc.Activate();
- var irmPremission = mydoc.Permission;
- if (irmPremission.Enabled == true)
- {
- filemodel.FErrorMessage = "加密已加密的Word时错误";
- filemodel.FContent = "当前文档已经加密,操作失败!";
- return false;
- }
- mydoc.Application.Visible = false;
- irmPremission.Enabled = true;
- if (filemodel.Users != null && filemodel.Users.Length > 0)
- {
- foreach (var item in filemodel.Users)
- {
- if (!String.IsNullOrEmpty(ObjIsEmail(item)))
- {
- if (filemodel.FIsFullControl)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionFullControl, exprieDateTime);
- }
- if (filemodel.FIsPrint)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionPrint, exprieDateTime);
- }
- if (filemodel.FIsRead)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionRead, exprieDateTime);
- }
- if (filemodel.FIsSave)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionSave, exprieDateTime);
- }
- if (filemodel.FIsEdit)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionEdit, exprieDateTime);
- }
- }
- }
- }
- else
- {
- irmPremission.Add("Everyone", MsoPermission.msoPermissionEdit, exprieDateTime);
- }
- }
- string tempPath = path + filemodel.FTitle;
- mydoc.SaveAs(tempPath);
- filemodel.FRMSPath = tempPath;
- filemodel.FContent = "加密成功";
- return true;
- }
- catch (Exception ex)
- {
- filemodel.FErrorMessage = "加密Word时错误";
- filemodel.FContent = ex.ToString();
- return false;
- }
- finally
- {
- mydoc.Close();
- wordClass.Quit();
- }
- }
- /// <summary>
- /// 加密Excel
- /// </summary>
- /// <param name="filemodel">文件属性</param>
- /// <param name="path">文件路径</param>
- /// <returns>加密结果</returns>
- public static bool EncryptExcel(RMSFileModel filemodel, string path)
- {
- var excelClass = new Microsoft.Office.Interop.Excel.ApplicationClass();
- var myExecl = excelClass.Workbooks.Open(filemodel.FSourcePath);
- try
- {
- DateTime exprieDateTime = new DateTime(2027, 05, 19);
- if (myExecl != null)
- {
- myExecl.Activate();
- var irmPremission = myExecl.Permission;
- if (irmPremission.Enabled == true)
- {
- filemodel.FErrorMessage = "加密已加密的Excel时错误";
- filemodel.FContent = "当前文档已经加密,操作失败!";
- return false;
- }
- myExecl.Application.Visible = false;
- irmPremission.Enabled = true;
- if (filemodel.Users != null && filemodel.Users.Length > 0)
- {
- foreach (var item in filemodel.Users)
- {
- if (!String.IsNullOrEmpty(ObjIsEmail(item)))
- {
- if (filemodel.FIsFullControl)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionFullControl, exprieDateTime);
- }
- if (filemodel.FIsPrint)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionPrint, exprieDateTime);
- }
- if (filemodel.FIsRead)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionRead, exprieDateTime);
- }
- if (filemodel.FIsSave)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionSave, exprieDateTime);
- }
- if (filemodel.FIsEdit)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionEdit, exprieDateTime);
- }
- }
- }
- }
- else
- {
- irmPremission.Add("Everyone", MsoPermission.msoPermissionEdit, exprieDateTime);
- }
- }
- string tempPath = path + filemodel.FTitle;
- myExecl.SaveAs(tempPath);
- filemodel.FRMSPath = tempPath;
- filemodel.FContent = "加密成功";
- return true;
- }
- catch (Exception ex)
- {
- filemodel.FErrorMessage = "加密Excel时错误";
- filemodel.FContent = ex.ToString();
- return false;
- }
- finally
- {
- myExecl.Close();
- excelClass.Quit();
- }
- }
- /// <summary>
- /// 加密PPT
- /// </summary>
- /// <param name="filemodel">文件属性</param>
- /// <param name="path">文件路径</param>
- /// <returns>加密结果</returns>
- public static bool EncryptPPT(RMSFileModel filemodel, string path)
- {
- var pptClass = new Microsoft.Office.Interop.PowerPoint.ApplicationClass();
- var myppt = pptClass.Presentations.Open(filemodel.FSourcePath, MsoTriState.msoCTrue, MsoTriState.msoCTrue, MsoTriState.msoFalse);
- try
- {
- DateTime exprieDateTime = new DateTime(2027, 05, 19);
- if (myppt != null)
- {
- //myppt.Activate();
- var irmPremission = myppt.Permission;
- if (irmPremission.Enabled == true)
- {
- filemodel.FErrorMessage = "加密已加密的Excel时错误";
- filemodel.FContent = "当前文档已经加密,操作失败!";
- return false;
- }
- //myppt.Application.Visible = false;
- irmPremission.Enabled = true;
- if (filemodel.Users != null && filemodel.Users.Length > 0)
- {
- foreach (var item in filemodel.Users)
- {
- if (!String.IsNullOrEmpty(ObjIsEmail(item)))
- {
- if (filemodel.FIsFullControl)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionFullControl, exprieDateTime);
- }
- if (filemodel.FIsPrint)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionPrint, exprieDateTime);
- }
- if (filemodel.FIsRead)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionRead, exprieDateTime);
- }
- if (filemodel.FIsSave)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionSave, exprieDateTime);
- }
- if (filemodel.FIsEdit)
- {
- irmPremission.Add(item, MsoPermission.msoPermissionEdit, exprieDateTime);
- }
- }
- }
- }
- else
- {
- irmPremission.Add("Everyone", MsoPermission.msoPermissionEdit, exprieDateTime);
- }
- }
- string tempPath = path + filemodel.FTitle;
- myppt.SaveAs(tempPath);
- filemodel.FRMSPath = tempPath;
- filemodel.FContent = "加密成功";
- return true;
- }
- catch (Exception ex)
- {
- filemodel.FErrorMessage = "加密PPT时错误";
- filemodel.FContent = ex.ToString();
- return false;
- }
- finally
- {
- myppt.Close();
- pptClass.Quit();
- }
- }
- /// <summary>
- /// 清理Office进程
- /// </summary>
- public static void KillOfficeProcess()
- {
- try
- {
- var proWord = System.Diagnostics.Process.GetProcessesByName("WinWord");
- foreach (var word in proWord)
- {
- word.Kill();
- }
- var proExcel = System.Diagnostics.Process.GetProcessesByName("Excel");
- foreach (var excel in proExcel)
- {
- excel.Kill();
- }
- var proPPT = System.Diagnostics.Process.GetProcessesByName("POWERPNT");
- foreach (var ppt in proPPT)
- {
- ppt.Kill();
- }
- }
- catch (Exception)
- {
- throw;
- }
- }
- /// <summary>
- /// Object判断并转为Email(String格式)
- /// </summary>
- /// <param name="o">Object</param>
- /// <returns>Email</returns>
- public static string ObjIsEmail(object o)
- {
- string email = ObjToStr(o);
- if (!String.IsNullOrEmpty(email))
- {
- if (email.IndexOf("@") > -1)
- {
- return email;
- }
- else
- {
- return "";
- }
- }
- else
- {
- return "";
- }
- }
- /// <summary>
- /// Object转String
- /// </summary>
- /// <param name="o">Object</param>
- /// <returns>String</returns>
- public static string ObjToStr(object o)
- {
- if (o == null)
- {
- return "";
- }
- else
- {
- return o.ToString();
- }
- }
- }
- }
RMSFileModel.cs
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Text;
- using System.Threading.Tasks;
- namespace WindowsFormsApplication1
- {
- public class RMSFileModel
- {
- /// <summary>
- /// 文件ID
- /// </summary>
- public int FID { get; set; }
- /// <summary>
- /// 完全控制
- /// </summary>
- public bool FIsFullControl { get; set; }
- /// <summary>
- /// 只读
- /// </summary>
- public bool FIsRead { get; set; }
- /// <summary>
- /// 打印
- /// </summary>
- public bool FIsPrint { get; set; }
- /// <summary>
- /// 另存
- /// </summary>
- public bool FIsSave { get; set; }
- /// <summary>
- /// 编辑
- /// </summary>
- public bool FIsEdit { get; set; }
- /// <summary>
- /// 文件名
- /// </summary>
- public string FTitle { get; set; }
- /// <summary>
- /// 在线URL路径(源文件路径)
- /// </summary>
- public string FUrlSourcePath { get; set; }
- /// <summary>
- /// 在线URL路径(加密后的文件路径)
- /// </summary>
- public string FUrlRMSPath { get; set; }
- /// <summary>
- /// 应用到用户
- /// </summary>
- public string[] Users { get; set; }
- /// <summary>
- /// 加密状态
- /// </summary>
- public string FState { get; set; }
- /// <summary>
- /// 加密错误分类
- /// </summary>
- public string FErrorMessage { get; set; }
- /// <summary>
- /// 加密详情
- /// </summary>
- public string FContent { get; set; }
- /// <summary>
- /// 本地物理路径(源文件)
- /// </summary>
- public string FSourcePath { get; set; }
- /// <summary>
- /// 本地物理路径(加密后的文件)
- /// </summary>
- public string FRMSPath { get; set; }
- }
- }
调用:
- /// <summary>
- /// 执行加密操作
- /// </summary>
- /// <param name="fileModel">文件属性</param>
- /// <returns>加密结果</returns>
- private bool HandleRMS(RMSFileModel fileModel)
- {
- try
- {
- //确认路径及创建文件夹
- string path = System.Windows.Forms.Application.StartupPath + "\\App_Data\\RMSFile\\";
- if (!Directory.Exists(path))
- {
- Directory.CreateDirectory(path);
- }
- //清理Office进程
- EncryptFile.KillOfficeProcess();
- string extension = Path.GetExtension(fileModel.FSourcePath).ToLower();//获取扩展名
- if (extension.IndexOf("doc") > -1)
- {
- return Common.EncryptFile.EncryptWord(fileModel, path);
- }
- if (extension.IndexOf("xls") > -1)
- {
- return Common.EncryptFile.EncryptExcel(fileModel, path);
- }
- if (extension.IndexOf("ppt") > -1)
- {
- return Common.EncryptFile.EncryptPPT(fileModel, path);
- }
- fileModel.FErrorMessage = "格式错误";
- fileModel.FContent = "无法加密该格式的文件";
- return false;
- }
- catch (Exception ex)
- {
- fileModel.FErrorMessage = "获取文件扩展名错误";
- fileModel.FContent = ex.ToString();
- return false;
- }
- }
谢谢!
