@stalbert yeah I got to the point where I couldn't seem to pass it a value and just threw up my hands.
The library I'm using does not take a "secret key" so cryptoJS seems like it could be a better option.
What would be a good way to store the "secret key"? Password field on a custom record perhaps?