Instant encryption

Home Forums Classic DFFS Instant encryption

Tagged: 

Viewing 2 reply threads
  • Author
    Posts
    • #14362
      Eric Dickerson
      Participant

        As a systems designer I get a lot of requests for “security” in sharepoint… my answer is always, we can hide it, but it’s not secure. If you don’t want it to be seen, don’t put it in Sharepoint.

        In thinking about some options for workarounds, it occurred to me that there may be an workaround in DFFS… encryption.

        1) User enters text in a DFFS form field (say an employees salary for example, or SSN) and that entry is changed to an encrypted version of that text either immediately or on save.

        2) that information resides in the Sharepoint list as encrypted data in a text field… no one can read it, in list views, exports to Excel, etc.

        3) Using DFFS’s rules for logged in user, you can set a rule that says “if logged in user is…” then show them the decrypted version.

        Any thoughts on this… seems like a powerful tool for a common SharePoint complaint.

      • #14497
        Alexander Bautz
        Keymaster

          Hi,
          Good idea – here is a relatively simple approach that might be good enough for most users. Add this code to the Custom JS in NewForm and in EditForm:

          var dffs_ed = {
              "s":{},
              "e":function(fin){
                  var val = getFieldValue(fin), nVal = [], padMe;
                  padMe = function(a){
                      var b = String(a).split(""), chr = "abcdefghiklmnopqrstuvwxyz'!#¤%&/()=?^~'_:;-", i, s;
                      while(b.length < 7){
                          i = Math.floor(Math.random() * chr.length);
                          s = Math.floor(Math.random() * b.length);
                          b.splice(s,0,chr.substring(i,i+1));   
                      }
                      return b.join("");
                  };
                  $.each(val.split(""),function(i,c){
                     nVal.push(padMe(c.charCodeAt(0)));
                  });
                  setFieldValue(fin,"DFFS::ENCRYPTED"+nVal.reverse().join(""));
              },
              "d":function(fin){
                  var arr = getFieldValue(fin).replace("DFFS::ENCRYPTED","").match(/.{1,7}/g), nVal = [];
                  $.each(arr,function(i,r){
                      nVal.push(String.fromCharCode(r.replace(/[^\d]/g,""))); 
                  });
                  setFieldValue(fin,nVal.reverse().join(""));
              }
          };
          
          function doDecrypt(){
              var fin = "PlainTextFieldName";
              if(getFieldValue(fin).indexOf("DFFS::ENCRYPTED") === 0){
                  dffs_ed.d(fin);
                  dffs_ed.s[fin] = true;
              }
          }
          
          function dffs_PreSaveAction(){
              var fin = "PlainTextFieldName";
              if(getFieldValue(fin).indexOf("DFFS::ENCRYPTED") < 0){
                  dffs_ed.e(fin);
              }
          }

          You must replace “PlainTextFieldName” with the name of your field, and place note that this approach will only work for Plain text columns.

          This code will encrypt the contents on save, and will decrypt it when the function “doDecrypt” is called from a rule (in EditForm).

          As you see, no “key” is used to encrypt or decrypt, and a person with a bit of knowledge can open the dev console and see whats going on, but it’s a starting point if you want to have a go.

          Please post back if you improve the code or have any questions.

          Alexander

        • #14878
          Eric Dickerson
          Participant

            This is a great start… I have not tested it yet, but hope to incorporate it into a customization soon. Thanks!!!

        Viewing 2 reply threads
        • You must be logged in to reply to this topic.