const CryptoJS = require('crypto-js'); module.exports.encrypt = function (data, password) { if (data.length < 10) throw new Error('data length cant be < 10'); const ciphertext = CryptoJS.AES.encrypt(data, password); return ciphertext.toString(); }; module.exports.decrypt = function (data, password) { const bytes = CryptoJS.AES.decrypt(data, password); let str = false; try { str = bytes.toString(CryptoJS.enc.Utf8); } catch (e) {} // for some reason, sometimes decrypt would succeed with wrong password and return random couple of characters. // at least in nodejs environment. so with this little hack we are not alowing to encrypt data that is shorter than // 10 characters, and thus if decrypted data is less than 10 characters we assume that decrypt actually failed. if (str.length < 10) return false; return str; };