Discuss this help topic in SecureBlackbox Forum
Encrypt document with agile encryption handler
To encrypt OpenXML (Office Open XML, OOXML) document using agile encryption handler
To specify the password to use with the agile encryption handler you need to call AddPasswordKeyEncryptor() method, which creates TElOfficeOpenXMLPasswordKeyEncryptor object and initializes it with the password, passed in the method's parameter. MS Office supports just one password encryptor per handler. You can set encryption algorithm via CipherAlgorithm property of the handler. Agile encryption handler supports 128- , 192-, 256-bit AES as well as RC2, RC4, DES, Triple DES encryption algorithms.
C#:
void EncryptOpenXMLAgile(string sourceFilename, string destFilename, string password)
{
TElOfficeDocument Document = new TElOfficeDocument();
TElOfficeOpenXMLAgileEncryptionHandler AgileEncryptionHandler = new TElOfficeOpenXMLAgileEncryptionHandler();
try
{
Document.Open(sourceFilename);
if ((Document.DocumentFormat != TSBOfficeDocumentFormat.OpenXML) && !Document.Encryptable)
throw new Exception("Cannot encrypt OpenXML document using Agile encryption handler");
AgileEncryptionHandler.CipherAlgorithm = SBConstants.Unit.SB_ALGORITHM_CNT_AES128;
AgileEncryptionHandler.HashAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA1;
int k = AgileEncryptionHandler.AddPasswordKeyEncryptor(password);
// below are default settings of TElOfficeOpenXMLPasswordKeyEncryptor class
TElOfficeOpenXMLPasswordKeyEncryptor PasswordKeyEncryptor = (TElOfficeOpenXMLPasswordKeyEncryptor)AgileEncryptionHandler.get_KeyEncryptors(k);
PasswordKeyEncryptor.CipherAlgorithm = SBConstants.Unit.SB_ALGORITHM_CNT_AES128;
PasswordKeyEncryptor.HashAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA1;
PasswordKeyEncryptor.SpinCount = 100000;
PasswordKeyEncryptor.SaltSize = 16;
Document.EncryptionHandler = AgileEncryptionHandler;
using (FileStream f = new FileStream(destFilename, FileMode.CreateNew))
{
Document.EncryptTo(f);
}
}
finally
{
Document.Dispose();
AgileEncryptionHandler.Dispose();
}
}
procedure EncryptOpenXMLAgile(const SourceFilename, DestFilename, Password : string);
var
Document : TElOfficeDocument;
AgileEncryptionHandler : TElOfficeOpenXMLAgileEncryptionHandler;
F : TFileStream;
k : Integer;
begin
Document := TElOfficeDocument.Create(nil);
AgileEncryptionHandler := TElOfficeOpenXMLAgileEncryptionHandler.Create(nil);
try
Document.Open(SourceFilename);
if (Document.DocumentFormat <> dfOpenXML) and not Document.Encryptable then
raise Exception.Create('Cannot encrypt OpenXML document using Agile encryption handler');
AgileEncryptionHandler.CipherAlgorithm := SB_ALGORITHM_CNT_AES128;
AgileEncryptionHandler.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
k := AgileEncryptionHandler.AddPasswordKeyEncryptor(Password);
// below are default settings of TElOfficeOpenXMLPasswordKeyEncryptor class
with TElOfficeOpenXMLPasswordKeyEncryptor(AgileEncryptionHandler.KeyEncryptors[k]) do
begin
CipherAlgorithm := SB_ALGORITHM_CNT_AES128;
HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
SpinCount := 100000;
SaltSize := 16;
end;
Document.EncryptionHandler := AgileEncryptionHandler;
F := TFileStream.Create(DestFilename, fmCreate or fmShareDenyWrite);
try
Document.EncryptTo(F);
finally
FreeAndNil(F);
end;
finally
FreeAndNil(Document);
FreeAndNil(AgileEncryptionHandler);
end;
end;