I am supporting CandidateX

CandidateX is a startup that focuses on creating inclusion-focused hiring solutions, designed to increase access to job opportunities for underestimated talent. Check them out if you have a few minutes to spare. They need visibility!

CryptoJS is pretty much the gold standard for JavaScript cryptography. Working with Oauth2 you don’t have to worry about all that, except when you are dealing with service accounts. I’ll get to that in a another section, but first let’s look at a CryptoJS library for Google Apps Script.

One thing I discovered is that GAS is pretty slow at some things. Heavy compute tasks like cryptography is one of them. I had previously used sjcl encryption for parse.com – noSQL database for GAS but gave up on it because it was just too slow. CyptoJS is better and fine for one off encryptions. However it’s much slower than running in your browser. More of that later.

The library

cCryptoGS is available here



Many hashing functions are already included in GAS Utilities service, so all I really need is the Cipher algorithms for encrypting messages, so I’ve made a simple wrapper. Here’s an example

var cipher = new cCryptoGS.Cipher('this is my passphrase', 'aes');
 var encryptedMessage = cipher.encrypt ('this is my message to be encrypted');
 var decryptedMessage = cipher.decrypt (encryptedMessage);
 Logger.log (encryptedMessage);


Logger.log (decryptedMessage);

this is my message to be encrypted


For now I’ve included these algorithms

var ALGOS = ['AES','DES','Rabbit','TripleDES'];

If you have need of any others, let me know on G+

CryptoJS direct

If you need to call some of the cipher functions in CryptoJS directly, you can do that too. Here’s the above example without the wrapper

var encryptedMessage = cCryptoGS.CryptoJS.AES.encrypt ('this is my message to be encrypted', 'this is my passphrase').toString();
 var decryptedMessage = cCryptoGS.CryptoJS.AES.decrypt (encryptedMessage, 'this is my passphrase').toString(CryptoJS.enc.Utf8);


Of the implemented algorithms, Rabbit is the fastest – about half a second for an encrypt/decrypt pair. Here’s a test running 100 encrypts/decrypts

var looper = 100;
  var pass = "some passphrase";
  var message = "some kind of message to be encrypted";

  // simplified
  ['AES','DES','Rabbit','TripleDES'].forEach (function(d) {
    var cipher = new cCryptoGS.Cipher(pass, d);
    var start = new Date().getTime();    
    for (var i=0; i < looper ; i++ ) { 
      var enc = cipher.encrypt (message);
      var dec = cipher.decrypt (enc);
      if (dec !== message) {
        throw 'mismatch' + ' . ' + dec + ' . ' + message;
    var end = new Date().getTime();
    Logger.log( d+' ' + looper + ' iterations took ' + (end - start));

But when you compare that with the same thing running on a regular javascript client app, you get this amazing difference, so we again learn that any form of big compute on GAS infrastructure is not a good thing.

So what’s going on? At first I thought there might some kind of caja thing going on, so I ran it again from htmlService – executing on the client, but caja-fied. Sure it takes a bit longer than purely on the client – but not that much longer.

Here’s all 3 tests

Need to think some more….

For more like this see Google Apps Scripts Snippets
For help and more information join our community, follow the blog, follow me on twitter, or follow me on g+