CODEWITHSUNDEEP
imageencryptiongoogle-apps-script
Nathaniel MacIver
Nathaniel MacIver

Reputation: 397

Google Drive encrypt image with Apps Script? (cCryptoGS)

So my company is green-lighting a project where we will be working with confidential images stored in Google Drive. We have the drive set to just a few people, but I've been asked to make a web app in Google Apps Script so users can access the data from there without knowing it's actually stored on Drive.

I feel a little uncomfortable that we have jpegs and pngs of sensitive information on a Team Drive in our GSuite domain. I'd rather store the images in an encrypted format instead if possible.

I discovered an AES encryption library named CryptoGS (A Derivative of the mainstream JavaScript library CryptoJS) That seems to work fine with text and such. I was hoping to leverage it to create encrypted versions of google Drive files and decrypt them only in my webapp. That way the files would be useless if an insider went rogue and downloaded the date from Google drive to sell to a competitor.

Here is my test code to see if I can run a two-way encryption scheme. You can run the same code yourself by creating your own code on script.google.com and adding the library MSJnPeIon6nzdLewGV60xWqi_d-phDA33 (Instructions on how to add a library here)

function TestEncryption()
{
  //Add library MSJnPeIon6nzdLewGV60xWqi_d-phDA33 to project to access CryptoGS functions
  
  var hash = "This is my secret passphrase";  
  var cipher = new cCryptoGS.Cipher(hash, 'aes');

  var origFile = DriveApp.getFileById("ID of an example file");
  
  var blob = origFile.getBlob().getDataAsString();
  
  var encryptedBlob = cipher.encrypt(blob);
  
  var encryptedFile = DriveApp.createFile("ENCRYPTEDTest", encryptedBlob);
  
  var newBlob = encryptedFile.getBlob().getDataAsString();
  
  var decryptedBlob = cipher.decrypt(newBlob);
  
  var decryptedFile = DriveApp.createFile("DECRYPTEDTest", decryptedBlob);
  
  
}

Basically, after testing on a .GIF file, I get a scrambled file named ENCRYPTEDTest, and an image file named DECRYPTEDTest that is corrupted and unusable even after downloading to my desktop. Would it be an easy fix to adapt this encryption method to successfully secure images on Google Drive?

Upvotes: 1

Views: 825

Answers (1)

Tanaike
Tanaike

Reputation: 201613

I thought that when the binary data is directly used, the corruption of data might occur. So how about this modification?

Modification points:

  • Use the byte array instead of the blob.
    • Modify from getBlob().getDataAsString() to getBytes().toString().
  • When the data is decoded, the number values are converted to the byte array, and converted to the blob.

I think that there are several workarounds. So please think of this as one of them.

Modified script:

function TestEncryption()
{
  //Add library MSJnPeIon6nzdLewGV60xWqi_d-phDA33 to project to access CryptoGS functions

  var hash = "This is my secret passphrase";
  var cipher = new cCryptoGS.Cipher(hash, 'aes');

  // Encode
  var origFile = DriveApp.getFileById("ID of an example file");
  var mimeType = origFile.getMimeType(); // Added
  var blob = origFile.getBlob().getBytes().toString(); // Modified
  var encryptedBlob = cipher.encrypt(blob);
  var encryptedFile = DriveApp.createFile("ENCRYPTEDTest", encryptedBlob);
  var newBlob = encryptedFile.getBlob().getDataAsString();

  // Decode
  var decryptedBlob = cipher.decrypt(newBlob);
  var b = Utilities.newBlob(decryptedBlob.split(","), mimeType, "DECRYPTEDTest"); // Added
  var decryptedFile = DriveApp.createFile(b); // Modified
}

References:

If I misunderstand your question, please tell me. I would like to modify it.

Upvotes: 2

Related Questions