使用 MIP SDK 解密 .msg 文件时出现异常:NoPolicyException:标签策略不包含数据

Exception decrypting .msg files using MIP SDK: NoPolicyException: Label policy did not contain data

我按照 this and 使用 MIP SDK 解密 .msg。以下是我的代码:

class Program
    private const string clientId = "[test client id here]";
    private const string appName = "MIPSDKTestApp";

    static void Main(string[] args)
        Console.WriteLine("Provide path to protected msg file:");
        string inputFilePath = Console.ReadLine();
        string outputFilePath = Path.Combine(Path.GetDirectoryName(inputFilePath), "Unprotected_" + Path.GetFileName(inputFilePath));

        // Initialize Wrapper for File API operations.

        // Create ApplicationInfo, setting the clientID from Azure AD App Registration as the ApplicationId.
        ApplicationInfo appInfo = new ApplicationInfo()
            ApplicationId = clientId,
            ApplicationName = appName,
            ApplicationVersion = "1.0.0"

        // Instantiate the AuthDelegateImpl object, passing in AppInfo.
        AuthDelegateImplementation authDelegate = new AuthDelegateImplementation(appInfo);

        MipContext mipContext = MIP.CreateMipContext(appInfo,

        // Initialize and instantiate the File Profile.
        // Create the FileProfileSettings object.
        // Initialize file profile settings to create/use local state.
        var profileSettings = new FileProfileSettings(mipContext,
                                 new ConsentDelegateImplementation());

        // Load the Profile async and wait for the result.
        var fileProfile = Task.Run(async () => await MIP.LoadFileProfileAsync(profileSettings)).Result;

        // Create a FileEngineSettings object, then use that to add an engine to the profile.
        var customSettings = new List<KeyValuePair<string, string>>();
        customSettings.Add(new KeyValuePair<string, string>("enable_msg_file_type", "true"));

        // Create a FileEngineSettings object, then use that to add an engine to the profile.
        var engineSettings = new FileEngineSettings("[user@tenant]", authDelegate, "", CultureInfo.CurrentCulture.Name);
        engineSettings.Identity = new Identity("[user@tenant]");

        //set custom settings for the engine
        engineSettings.CustomSettings = customSettings;

        var fileEngine = Task.Run(async () => await fileProfile.AddEngineAsync(engineSettings)).Result; // EXCEPTION THROWN HERE

        var handler = Task.Run(async () => await fileEngine.CreateFileHandlerAsync(inputFilePath,


        var result = Task.Run(async () => await handler.CommitAsync(outputFilePath)).Result;
        // Application Shutdown
        handler = null; // This will be used in later quick starts.
        fileEngine = null;
        fileProfile = null;
        mipContext = null;




您似乎尚未在安全与合规中心 (https://security.microsoft.com) 中配置或发布标签策略。


engineSettings.ProtectionOnlyEngine = true;

这将跳过加载策略,应该允许您解密 MSG 文件。不过,在您发布标签策略并删除该设置之前,您将无法读取或应用标签。