We're please to announce general availability of the Microsoft Information Protection SDK version 1.2!
Downloads are available via NuGet or direct downloads for all platforms.
In addition to the list of currently supported platforms, we are happy to announce support for the Protection API on iOS.
ProxyAuthError
is thrown across MIP SDK if a proxy is configured to require authentication.NoAuthTokenError
is thrown across MIP SDK if an empty auth token is returned from mip::AuthDelegate::AcquireOAuth2Token
.mip::ContentState
to mip::DataState
.TaskDispatcherDelegate
in the File, Protection, or Policy Profile.mip::FileExecutionState::GetAuditMetadata
can be implemented by applications to specify detailed information to surface to a tenant admin's audit dashboard.Since releasing the MIP SDK 1.0 in September of 2018, a common request from our ISV partners and customers has been to add support for decryption of protected mail. In version 1.2 we're providing a public preview of the MSG file parser. Common protection and permutations of MSG files are supported in this first release. Protected emails and attachments in those mails will be decrypted and the resulting output will be an MSG file, decrypted, that resembles the original encrypted message.
The scenarios we've heard of from customers where this functionality is of particular interest are generally related to:
As part of discovery, mail must be searched, decrypted, and provided to attorneys, or other groups, for litigation and supporting activities. The SDK can now help to decrypt those MSG files.
DLP products have a need to decrypt outbound items to scan for violations of DLP policy. DLP vendors will be able to use the SDK to decrypt mail messages to scan. Once the scan is complete, the decrypted copy is discarded and the encrypted copy is sent or blocked, depending on the result of the scan.
Many organizations have requirements to send mail to 3rd party systems for journaling. Today, encrypted mail makes those systems unable to search or discover any of the mail information. Journaling connectors can be made to use the MIP SDK to decrypt the message prior to sending to the journaling service.
A few important notes:
We've set the MSG parsing capabilities behind a feature flag for now. Enabling the feature requires setting CustomSettings
in FileEngineSettings
prior to adding the engine.
List<KeyValuePair<string, string>> customSettings = new List<KeyValuePair<string, string>>(); customSettings.Add(new KeyValuePair<string, string>("enable_msg_file_type", "true")); //Enable msg file type. var engineSettings = new FileEngineSettings("", "", "en-US") { Identity = identity, CustomSettings = customSettings // Add custom settings to engine. };
FileEngine::Settings engineSettings(mip::Identity(mUsername), "", "en-US", false); std::vector<std::pair<std::string, std::string>> customSettings; // Create custom settings vector (pairs of strings). customSettings.emplace_back(mip::GetCustomSettingEnableMsgFileType(), "true"); // Enable msg format for sample application testing. engineSettings.SetCustomSettings(customSettings); // Set custom settings, then pass settings to AddEngineAsync().
Once set, you'll be able to remove protection from MSG files.
New in 1.2, we've introduced a function called ReleaseAllResources()
. This function should be called prior to shutdown, after clearing references to all existing handlers, profiles, and engines. A sample implementation might look like:
~MyMipClass() {
profile = nullptr;
engine = nullptr;
handler = nullptr;
mip::ReleaseAllResources();
}
The pattern is similar in .NET. Prior to application shutdown, null the existing objects and call MIP.ReleaseAllResources()
.
We've updated the docs and samples for this release. Please submit any feedback or questions on the samples in the GitHub projects!
mip::ClassificationResult::GetSensitiveInformationDetections
mip::FileEngine::GetLastPolicyFetchTime
mip::FileEngine::GetDefaultSensitivityLabel
mip::FileEngine::GetPolicyId
mip::FileEngine::HasClassificationRules
mip::FileEngine::Settings::SetPolicyCloudEndpointBaseUrl
mip::FileHandler::GetDecryptedTemporaryFileAsync
mip::FileHandler::Observer::OnGetDecryptedTemporaryFileFailure
mip::FileHandler::Observer::OnGetDecryptedTemporaryFileSuccess
mip::File/Policy/ProtectionProfile::SetTaskDispatcherDelegate
mip::File/Policy/ProtectionProfile::SetTelemetryConfiguration
mip::HttpRequest::GetId
mip::PolicyEngine::GetLastPolicyFetchTime
mip::PolicyEngine::GetPolicyId
mip::PolicyEngine::HasClassificationRules
mip::PolicyEngine::Settings::SetCloudEndpointBaseUrl
mip::ProtectionDescriptor::GetContentId
mip::TaskDispatcherDelegate
mip::ReleaseAllResources
mip::ReleaseAllResources
must be called prior to process termination (after clearing references to all Profiles, Engines, and Handlers)mip::ExecutionState::GetClassificationResults
return type and "classificationIds" parameter has changed. Existing ExecutionState
implementations must be updated.mip::FileExecutionState::GetDataState
can be implemented by applications to specify how an application is interacting with contentIdentifiermip::HttpDelegate
interface requires CancelOperation
and CancelAllOperations
methodsmip::HttpDelegate
interface Send
and SendAsync
return mip::HttpOperation
instead of mip::HttpResponse
mip::HttpResponse::GetBody
returns std::vector<uint8_t>
instead of std::string
mip::HttpResponse
interface requires GetId
method implementationmip::ContentLabel::GetCreationTime
return std::chrono::time_point
instead of std::string
mip::FileEngine::CreateFileHandlerAsync
no longer accepts 'contentIdentifier' parametermip::FileHandler
will now throw mip::AdhocProtectionRequiredError
if ad hoc protection is required prior to applying a label.mip::HttpRequest::GetBody
returns std::vector<uint8_t>
instead of std::string
.mip::OperationCancelledError
exception is thrown when an operation has been cancelled due to shutdown or HTTP cancellation.HttpDelegate
.- Tom Moser
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.