This is the function used to encrypt in php
function generatetoken()
{
$token = ['id' => '123456','name' => 'username','email' => 'useremail#example.com','type' => 'user'];
$cipher = "AES-128-CBC";
$plaintext = json_encode($token);
$ivlen = openssl_cipher_iv_length($cipher = "AES-128-CBC");
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext_raw = openssl_encrypt($plaintext, $cipher, '123456789', $options = OPENSSL_RAW_DATA, $iv);
$hmac = hash_hmac('sha256', $ciphertext_raw, '123456789', $as_binary = true);
$ciphertext = base64_encode($iv . $hmac . $ciphertext_raw);
return ciphertext;
}
I have this function to decrypt text in php :
function decodetokeninPhp($request_token)
{
$cipher = "AES-128-CBC";
$c = base64_decode($request_token);
$ivlen = openssl_cipher_iv_length($cipher = "AES-128-CBC");
$iv = substr($c, 0, $ivlen);
$hmac = substr($c, $ivlen, $sha2len = 32);
$ciphertext_raw = substr($c, $ivlen + $sha2len);
$original_plaintext = openssl_decrypt($ciphertext_raw, $cipher, '123456789', $options = OPENSSL_RAW_DATA, $iv);
$calcmac = hash_hmac('sha256', $ciphertext_raw, '123456789', $as_binary = true);
if (hash_equals($hmac, $calcmac)) {
return json_encode($original_plaintext);
} else {
return null;
}
}
I want the equivalent of this in javascript/Nodejs, i tried this:
function decode(token){
var password = 'My-key';
const ivLength = 16;
const sha2len = 32;
let replacedToken = token.toString();
const base64decoded = Buffer.from(replacedToken, 'base64').toString('binary');
const iv = replacedToken.substr(0,ivLength);
const hMac= replacedToken.substr( ivLength,sha2len);
const ciphertext_raw = replacedToken.substr(ivLength+sha2len);
var DataEncrypt = ciphertext_raw;
var DataKey = CryptoJS.enc.Utf8.parse(password);
var DataVector = CryptoJS.enc.Utf8.parse(iv);
var decrypted = CryptoJS.AES.decrypt(DataEncrypt, DataKey, { iv: DataVector });
var decrypted = CryptoJS.enc.Utf8.stringify(JSON.stringify(decrypted));
console.log("token decoded"+ decrypted);
}
But the console.log just print "token decoded:", it's empty result :(
Please someone help me i'm going crazy :/
If you want to use the crypto module of NodeJS, the whole CryptoJS part has to be changed. A possible implementation with crypto is:
var crypto = require('crypto');
function decode(token){
var keyDec = Buffer.from('0123456789012345', 'utf8'); // sample key for encryption/decryption
var keyAuth = Buffer.from('0123456789', 'utf8'); // sample key for authentication
var ivLen = 16;
var macLen = 32;
var tokenBuf = Buffer.from(token, 'base64');
var iv = tokenBuf.slice(0, ivLen);
var mac = tokenBuf.slice(ivLen, ivLen + macLen);
var ciphertext = tokenBuf.slice(ivLen + macLen);
// Authenticate
var hmac = crypto.createHmac('sha256', keyAuth);
hmac.update(ciphertext);
var macCalc = hmac.digest();
if (macCalc.equals(mac)) {
// Decrypt, if authentication is successfull
var decipher = crypto.createDecipheriv("AES-128-CBC", keyDec, iv);
var decrypted = decipher.update(ciphertext, '', 'utf-8');
decrypted += decipher.final('utf-8');
return JSON.parse(decrypted);
} else {
console.log("Decryption failed");
}
}
var token = decode('U3pukkS48yeNpsusv43Tmv2AmmDfYVtQ8jPw2izEQ0CVOfutGtA9e3ZWXJo2Ibi2axo31blnW6uq/yCz/KRSltwGhCmwpiHQ8mP5ulMf0Nr9V9Gzr6r+R6y3ZOpzTsV9IEkaKDxZTihfoDAzeyN9LYKS9uUW6URL0Do1HGaZ51o='); // from PHP code
console.log(token);
Here, the ciphertext was generated with the posted PHP code using the sample keys 0123456789012345 and 0123456789 for encryption and authentication, respectively.
I am suspicious of the json_encode() in the PHP code for decryption. Here I would expect a json_decode() and thus, in the NodeJS code a JSON.parse() (but you can modify this as needed).
Related
Here's how to send a private message to a Nostr Pubkey:
const crypto = require("crypto");
const secp = require("noble-secp256k1");
const ourPrivateKey = "";
const ourPubKey = "";
const theirPublicKey = "";
const text = "Hello World";
let sharedPoint = secp.getSharedSecret(ourPrivateKey, "02" + theirPublicKey);
let sharedX = sharedPoint.substr(2, 64);
let iv = crypto.randomFillSync(new Uint8Array(16));
var cipher = crypto.createCipheriv(
"aes-256-cbc",
Buffer.from(sharedX, "hex"),
iv
);
let encryptedMessage = cipher.update(text, "utf8", "base64");
encryptedMessage += cipher.final("base64");
let ivBase64 = Buffer.from(iv.buffer).toString("base64");
let event = {
pubkey: ourPubKey,
created_at: Math.floor(Date.now() / 1000),
kind: 4,
tags: [["p", theirPublicKey]],
content: encryptedMessage + "?iv=" + ivBase64,
};
console.log(event.content);
How would the receiver be able decrypt this once they receive it?
If you don't mind using a library, you can use nostr-tools
import {nip04} from 'nostr-tools'
nip04.decrypt(key1,key2,message)
let encryptedMessageParts = event.content.split("?iv=");
let senderMessage_enctrypted = encryptedMessageParts[0];
let iv_ = Buffer.from(encryptedMessageParts[1], "base64");
sharedPoint = secp.getSharedSecret(ourPrivateKey, "02" + theirPublicKey);
sharedX = sharedPoint.substr(2, 64);
var decipher = crypto.createDecipheriv(
"aes-256-cbc",
Buffer.from(sharedX, "hex"),
iv_
);
let senderMessage_decrypted = decipher.update(
senderMessage_enctrypted,
"base64",
"utf8"
);
senderMessage_decrypted += decipher.final("utf8");
console.log(senderMessage_decrypted);
You can read more about how encrypted DM's work here: https://github.com/nostr-protocol/nips/blob/master/04.md
We encrypted a string in JS with this code by this JS library:
CryptoJS.AES.encrypt("Message", "Key").toString()
and then save it to the database for future use cases.
Now we want to decrypt that hash in PHP by this code:
openssl_decrypt( "Message", "aes-128-ctr", "Key")
but it gives us a null value!
How can we do it without making any changes in JS code?
In JS side do this:
var CryptoJSAesJson = {
stringify: function (cipherParams) {
var j = { ct: cipherParams.ciphertext.toString(CryptoJS.enc.Base64) };
if (cipherParams.iv) j.iv = cipherParams.iv.toString();
if (cipherParams.salt) j.s = cipherParams.salt.toString();
return JSON.stringify(j);
},
parse: function (jsonStr) {
var j = JSON.parse(jsonStr);
var cipherParams = CryptoJS.lib.CipherParams.create({
ciphertext: CryptoJS.enc.Base64.parse(j.ct),
});
if (j.iv) cipherParams.iv = CryptoJS.enc.Hex.parse(j.iv);
if (j.s) cipherParams.salt = CryptoJS.enc.Hex.parse(j.s);
return cipherParams;
},
};
let data = CryptoJS.AES.encrypt("Text", "Key", {
format: CryptoJSAesJson,
}).toString();
//store the "data" in DB or another place
and in PHP Side do this:
function cryptoJsAesDecrypt($passphrase, $jsonString){
$jsondata = json_decode($jsonString, true);
$salt = hex2bin($jsondata["s"]);
$ct = base64_decode($jsondata["ct"]);
$iv = hex2bin($jsondata["iv"]);
$concatedPassphrase = $passphrase.$salt;
$md5 = array();
$md5[0] = md5($concatedPassphrase, true);
$result = $md5[0];
for ($i = 1; $i < 3; $i++) {
$md5[$i] = md5($md5[$i - 1].$concatedPassphrase, true);
$result .= $md5[$i];
}
$key = substr($result, 0, 32);
$data = openssl_decrypt($ct, 'aes-256-cbc', $key, true, $iv);
return $data;
}
echo cryptoJsAesDecrypt("Key",data);
// will show "Text"
source: This Link
I'm encrypting some parameters in PHP using
openssl("parameter", "AES-256-ECB", "client")
and I wish to decrypt in CryptoJS:
CryptoJS.AES.decrypt(parameter, "client", {mode: CryptoJS.mode.ECB}).toString(CryptoJS.enc.Utf8);
but it's throwing an empty string.
Any suggestions?
CryptoJS: PHP openssl encrypt -> javascript decrypt
PHP:
function CryptoJSAesEncrypt($passphrase, $plain_text){
$salt = openssl_random_pseudo_bytes(256);
$iv = openssl_random_pseudo_bytes(16);
//on PHP7 can use random_bytes() istead openssl_random_pseudo_bytes()
//or PHP5x see : https://github.com/paragonie/random_compat
$iterations = 999;
$key = hash_pbkdf2("sha512", $passphrase, $salt, $iterations, 64);
$encrypted_data = openssl_encrypt($plain_text, 'aes-256-cbc', hex2bin($key), OPENSSL_RAW_DATA, $iv);
$data = array("ciphertext" => base64_encode($encrypted_data), "iv" => bin2hex($iv), "salt" => bin2hex($salt));
return json_encode($data);
}
$string_json_fromPHP = CryptoJSAesEncrypt("your passphrase", "your plain text");
JS:
function CryptoJSAesDecrypt(passphrase,encrypted_json_string){
var obj_json = JSON.parse(encrypted_json_string);
var encrypted = obj_json.ciphertext;
var salt = CryptoJS.enc.Hex.parse(obj_json.salt);
var iv = CryptoJS.enc.Hex.parse(obj_json.iv);
var key = CryptoJS.PBKDF2(passphrase, salt, { hasher: CryptoJS.algo.SHA512, keySize: 64/8, iterations: 999});
var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv});
return decrypted.toString(CryptoJS.enc.Utf8);
}
console.log(CryptoJSAesDecrypt('your passphrase','<?php echo $string_json_fromPHP?>'));
CryptoJS: javascript encrypt -> PHP openssl decrypt
JS:
function CryptoJSAesEncrypt(passphrase, plain_text){
var salt = CryptoJS.lib.WordArray.random(256);
var iv = CryptoJS.lib.WordArray.random(16);
//for more random entropy can use : https://github.com/wwwtyro/cryptico/blob/master/random.js instead CryptoJS random() or another js PRNG
var key = CryptoJS.PBKDF2(passphrase, salt, { hasher: CryptoJS.algo.SHA512, keySize: 64/8, iterations: 999 });
var encrypted = CryptoJS.AES.encrypt(plain_text, key, {iv: iv});
var data = {
ciphertext : CryptoJS.enc.Base64.stringify(encrypted.ciphertext),
salt : CryptoJS.enc.Hex.stringify(salt),
iv : CryptoJS.enc.Hex.stringify(iv)
}
return JSON.stringify(data);
}
PHP:
function CryptoJSAesDecrypt($passphrase, $jsonString){
$jsondata = json_decode($jsonString, true);
try {
$salt = hex2bin($jsondata["salt"]);
$iv = hex2bin($jsondata["iv"]);
} catch(Exception $e) { return null; }
$ciphertext = base64_decode($jsondata["ciphertext"]);
$iterations = 999; //same as js encrypting
$key = hash_pbkdf2("sha512", $passphrase, $salt, $iterations, 64);
$decrypted= openssl_decrypt($ciphertext , 'aes-256-cbc', hex2bin($key), OPENSSL_RAW_DATA, $iv);
return $decrypted;
}
in mi tests I have used : github.com/sytelus/CryptoJS
PHP Encryption
function encryptPhp($string) {
$encrypt_method="AES-256-CBC";
$secret_key='secret_key';
$secret_iv='secret_iv';
$key=hash('sha256',$secret_key);
$iv=substr(hash('sha256',$secret_iv),0,16);
$output=openssl_encrypt($string,$encrypt_method,$key,0,$iv);
$output=base64_encode($output);
return $output
}
javascript Equialent
function decryptString($string) {
var Utf8 = CryptoJS.enc.Utf8;
const $secret_key='secret_key';
const $secret_iv='secret_iv';
const key= CryptoJS.SHA256($secret_key).toString(CryptoJS.enc.Hex).substring(0,32);
let iv= CryptoJS.SHA256($secret_iv).toString(CryptoJS.enc.Hex).substring(0,16);
const encrypt = CryptoJS.enc.Base64.parse($string).toString(CryptoJS.enc.Utf8);
const decrypt = CryptoJS.AES.decrypt(encrypt, Utf8.parse(key), { iv: Utf8.parse(iv)}).toString(Utf8);
return decrypt;
}
Also Don't use secret key & secret iv in browser side, it may affect security
Please use this method It's work for me.. Thanks
Typescript Code (Anuglar 4+) :
encryptUsingAES256() {
let _key = CryptoJS.enc.Utf8.parse(your_token_here);
let _iv = CryptoJS.enc.Utf8.parse(your_token_here);
let encrypted = CryptoJS.AES.encrypt(
this.request, _key, {
keySize: 16,
iv: _iv,
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
});
this.encrypted = encrypted.toString();
console.log(this.encrypted)
}
decryptUsingAES256() {
let _key = CryptoJS.enc.Utf8.parse(your_token_here);
let _iv = CryptoJS.enc.Utf8.parse(your_token_here);
this.decrypted = CryptoJS.AES.decrypt(
this.encrypted, _key, {
keySize: 16,
iv: _iv,
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
}).toString(CryptoJS.enc.Utf8);
console.log(this.decrypted)
}
I'm encrypting my user password in JavaScript like this:
var encryptedPassword = CryptoJS.AES.encrypt(password, "Secret Passphrase");
It works fine but now I'm trying to decrypt in PHP on the server side like this:
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_RAND);
$decryptPassword = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, "Secret Passphrase", base64_decode($password), MCRYPT_MODE_CBC, $iv);
it doesn't works at all, the decrypted password string looks very strange:
string(64) ">�OX2MS��댗v�<$�ʕ��i�̄��_��P���\�կ=�_6(�m����,4WT7��a"
Here is the current state of my code in JavaScript after the helpful comments:
var encryptedPassword = CryptoJS.AES.encrypt(password, "Secret Passphrase");
var ivHex = encryptedPassword.iv.toString();
var ivSize = encryptedPassword.algorithm.ivSize; // same as blockSize
var keySize = encryptedPassword.algorithm.keySize;
var keyHex = encryptedPassword.key.toString();
var saltHex = encryptedPassword.salt.toString(); // must be sent
var openSslFormattedCipherTextString = encryptedPassword.toString(); // not used
var cipherTextHex = encryptedPassword.ciphertext.toString(); // must be sent
I am sending saltHex and CipherTextHex to the PHP server and I'm using mcrypt_decrypt() like this:
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), $saltHex);
$decryptPassword = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, "Secret Passphrase", base64_decode($cipherTextHex), MCRYPT_MODE_CBC, $iv);
It still does't work with this updated code.
Can someone help me to decrypt properly with mcrypt_decrypt() PHP function for a simple AES encryption method ? I'm sure I am doing something wrong with the cipher, mcrypt mode and the IV parameters inside my mcrypt_decrypt() method. Thanks if you know.
The problem is that in the CryptoJS code a password is used to derive the key and the IV to be used for AES encryption, but mcrypt only uses the key to encrypt/decrypt. This information needs to be passed to php. Since you don't want to transmit the password, you have to derive the key and IV in the same way in php.
The following code derives the key and IV from a password and salt. It is modeled after the code in my answer here (for more information).
function evpKDF($password, $salt, $keySize = 8, $ivSize = 4, $iterations = 1, $hashAlgorithm = "md5") {
$targetKeySize = $keySize + $ivSize;
$derivedBytes = "";
$numberOfDerivedWords = 0;
$block = NULL;
$hasher = hash_init($hashAlgorithm);
while ($numberOfDerivedWords < $targetKeySize) {
if ($block != NULL) {
hash_update($hasher, $block);
}
hash_update($hasher, $password);
hash_update($hasher, $salt);
$block = hash_final($hasher, TRUE);
$hasher = hash_init($hashAlgorithm);
// Iterations
for ($i = 1; $i < $iterations; $i++) {
hash_update($hasher, $block);
$block = hash_final($hasher, TRUE);
$hasher = hash_init($hashAlgorithm);
}
$derivedBytes .= substr($block, 0, min(strlen($block), ($targetKeySize - $numberOfDerivedWords) * 4));
$numberOfDerivedWords += strlen($block)/4;
}
return array(
"key" => substr($derivedBytes, 0, $keySize * 4),
"iv" => substr($derivedBytes, $keySize * 4, $ivSize * 4)
);
}
The salt is generated during encryption in CryptoJS and needs to be sent to php with the ciphertext. Before invoking evpKDF the salt has to be converted to a binary string from hex.
$keyAndIV = evpKDF("Secret Passphrase", hex2bin($saltHex));
$decryptPassword = mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
$keyAndIV["key"],
hex2bin($cipherTextHex),
MCRYPT_MODE_CBC,
$keyAndIV["iv"]);
If only encryptedPassword.toString() was sent to the server, then it is necessary to split the salt and actual ciphertext before use. The format is a proprietary OpenSSL-compatible format with the first 8 bytes being "Salted__", the next 8 bytes being the random salt and the rest is the actual ciphertext. Everything together is Base64-encoded.
function decrypt($ciphertext, $password) {
$ciphertext = base64_decode($ciphertext);
if (substr($ciphertext, 0, 8) != "Salted__") {
return false;
}
$salt = substr($ciphertext, 8, 8);
$keyAndIV = evpKDF($password, $salt);
$decryptPassword = mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
$keyAndIV["key"],
substr($ciphertext, 16),
MCRYPT_MODE_CBC,
$keyAndIV["iv"]);
// unpad (PKCS#7)
return substr($decryptPassword, 0, strlen($decryptPassword) - ord($decryptPassword[strlen($decryptPassword)-1]));
}
The same can be achieved with the OpenSSL extension instead of Mcrypt:
function decrypt($ciphertext, $password) {
$ciphertext = base64_decode($ciphertext);
if (substr($ciphertext, 0, 8) != "Salted__") {
return false;
}
$salt = substr($ciphertext, 8, 8);
$keyAndIV = evpKDF($password, $salt);
$decryptPassword = openssl_decrypt(
substr($ciphertext, 16),
"aes-256-cbc",
$keyAndIV["key"],
OPENSSL_RAW_DATA, // base64 was already decoded
$keyAndIV["iv"]);
return $decryptPassword;
}
/**
*-------------PHP code example-----------------
*/
/**
* Decrypt data from a CryptoJS json encoding string
*
* #param mixed $passphrase
* #param mixed $jsonString
* #return mixed
*/
function cryptoJsAesDecrypt($passphrase, $jsonString){
$jsondata = json_decode($jsonString, true);
$salt = hex2bin($jsondata["s"]);
$ct = base64_decode($jsondata["ct"]);
$iv = hex2bin($jsondata["iv"]);
$concatedPassphrase = $passphrase.$salt;
$md5 = array();
$md5[0] = md5($concatedPassphrase, true);
$result = $md5[0];
for ($i = 1; $i < 3; $i++) {
$md5[$i] = md5($md5[$i - 1].$concatedPassphrase, true);
$result .= $md5[$i];
}
$key = substr($result, 0, 32);
$data = openssl_decrypt($ct, 'aes-256-cbc', $key, true, $iv);
return json_decode($data, true);
}
/**
* Encrypt value to a cryptojs compatiable json encoding string
*
* #param mixed $passphrase
* #param mixed $value
* #return string
*/
function cryptoJsAesEncrypt($passphrase, $value){
$salt = openssl_random_pseudo_bytes(8);
$salted = '';
$dx = '';
while (strlen($salted) < 48) {
$dx = md5($dx.$passphrase.$salt, true);
$salted .= $dx;
}
$key = substr($salted, 0, 32);
$iv = substr($salted, 32,16);
$encrypted_data = openssl_encrypt(json_encode($value), 'aes-256-cbc', $key, true, $iv);
$data = array("ct" => base64_encode($encrypted_data), "iv" => bin2hex($iv), "s" => bin2hex($salt));
return json_encode($data);
}
$encrypted = '{"ct":"nPfd1U0y9o2hRCdwJK6XkM1E01wa1ZjMu3eAzGjUD60=","iv":"2abda27fc571cf74e6efc1ba564801f9","s":"813a340e805f54ae"}';
$key = "123456";
$decrypted = cryptoJsAesDecrypt($key, $encrypted);
/* -------------Javascript code example-----------------*/
var CryptoJSAesJson = {
stringify: function (cipherParams) {
var j = {ct: cipherParams.ciphertext.toString(CryptoJS.enc.Base64)};
if (cipherParams.iv) j.iv = cipherParams.iv.toString();
if (cipherParams.salt) j.s = cipherParams.salt.toString();
return JSON.stringify(j);
},
parse: function (jsonStr) {
var j = JSON.parse(jsonStr);
var cipherParams = CryptoJS.lib.CipherParams.create({ciphertext: CryptoJS.enc.Base64.parse(j.ct)});
if (j.iv) cipherParams.iv = CryptoJS.enc.Hex.parse(j.iv)
if (j.s) cipherParams.salt = CryptoJS.enc.Hex.parse(j.s)
return cipherParams;
}
}
var key = "123456";
var encrypted = CryptoJS.AES.encrypt(JSON.stringify("value to encrypt"), key, {format: CryptoJSAesJson}).toString();
console.log(encrypted);
var decrypted = JSON.parse(CryptoJS.AES.decrypt(encrypted, key, {format: CryptoJSAesJson}).toString(CryptoJS.enc.Utf8));
console.log("decryyepted: "+decrypted);
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
You can't decrypt with a random initialisation vector - you need to use the same IV the data was encrypted with. Also, IIRC, AES defaults to an 8 bit representation of the encrypted data which will need to be handled carefully in transfer over HTTP.
I need to create an encryption and decryption function in my NodeJS application. Can anyone help and point me in the right direction?
After a bit of digging, I was able to answer my own question... Sorry for the lack of clarity and detail. Will work on that for the next question.
I've included the functions to encrypt and decrypt, and the "helping" functions to generate a key and generate the initialization vector as well.
var crypto = require('crypto');
var encrypt = function encrypt(input, password) {
var key = generateKey(password);
var initializationVector = generateInitializationVector(password);
var data = new Buffer(input.toString(), 'utf8').toString('binary');
var cipher = crypto.createCipheriv('aes-256-cbc', key, initializationVector.slice(0,16));
var encrypted = cipher.update(data, 'utf8', 'hex');
encrypted += cipher.final('hex');
var encoded = new Buffer(encrypted, 'binary').toString('base64');
return encoded;
};
var decrypt = function decrypt(input, password) {
var key = generateKey(password);
var initializationVector = generateInitializationVector(password);
var input = input.replace(/\-/g, '+').replace(/_/g, '/');
var edata = new Buffer(input, 'base64').toString('binary');
var decipher = crypto.createDecipheriv('aes-256-cbc', key, initializationVector.slice(0,16));
var decrypted = decipher.update(edata, 'hex', 'utf8');
decrypted += decipher.final('utf8');
var decoded = new Buffer(decrypted, 'binary').toString('utf8');
return decoded;
};
var generateKey = function generateKey(password) {
var cryptographicHash = crypto.createHash('md5');
cryptographicHash.update(password);
key = cryptographicHash.digest('hex');
return key;
}
var generateInitializationVector = function generateInitializationVector(password) {
var cryptographicHash = crypto.createHash('md5');
cryptographicHash.update(password + key);
initializationVector = cryptographicHash.digest('hex');
return initializationVector;
}
var password = 'MyPassword';
var originalStr = 'hello world!';
var encryptedStr = encrypt(originalStr, password);
var decryptedStr = decrypt(encryptedStr, password);
Hats off to adviner for the inspiration of the solution.
His post can be here: here
I had originally gotten this working with this post by dave, but that didn't work for input values with a character length greater than 15. The updated code above works for inputs of any length.