
Security News
Open Source CAI Framework Handles Pen Testing Tasks up to 3,600× Faster Than Humans
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
angularjs-crypto
Advanced tools
[angularjs-crypto](http://ngmodules.org/modules/angularjs-crypto) ================== [](https://travis-ci.org/pussinboots/angularjs-crypto) [
<script type='text/javascript' src="[bower_components/]angularjs-crypto/public/js/lib/plugins/CryptoJSCipher.js"></script>
<script type='text/javascript' src="[bower_components/]angularjs-crypto/public/js/lib/angularjs-crypto.js"></script>
<script type='text/javascript' src="[bower_components/]angularjs-crypto/public/js/cryptojs/rollups/aes.js"></script>
<script type='text/javascript' src="[bower_components/]angularjs-crypto/public/js/cryptojs/components/mode-ecb.js"></script>
##Install (manual)
<script type='text/javascript' src="CryptoJSCipher.js"></script>
<script type='text/javascript' src="angularjs-crypto.js"></script>
<script type='text/javascript' src="aes.js"></script>
<script type='text/javascript' src="mode-ecb.js"></script>
##Usage
var demoApp = angular.module('demoApp', ['services', 'angularjs-crypto']);
Example Service Definition
'use strict';
angular.module('services', ['ngResource'], function ($provide) {
$provide.factory('Data', function ($resource) {
return $resource('/assets/config', {}, {
query: {method: 'GET', isArray: false, crypt: true},
queryNoCrypt: {method: 'GET'},
save: {method: 'POST', params: {}, crypt: true},
saveNoCrypt: {method: 'POST', params: {}}
});
});
});
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.base64Key = "16rdKQfqN3L4TY7YktgxBw==";
}])
That's done now all json fields that end with the pattern (default: '_enc') will be encoded in requests and decoded in responses.
var demoApp = angular.module('demoApp', ['angularjs-crypto']);
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.base64Key = "16rdKQfqN3L4TY7YktgxBw==";
}])
var demoApp = angular.module('demoApp', ['angularjs-crypto']);
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.pattern = "_enc"; //that is the default value
}])
This make it now possible to simple add other CryptoJs cipher implementations like DES or even other crypto libraries as well. If i find the time than i will add at least the supported cipher from CryptoJs. An example implementation that use Crypto AES can be found here
var demoApp = angular.module('demoApp', ['angularjs-crypto']);
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.plugin = {
encode: function(plainValue, base64Key) {
return plainValue;
},
decode : function(encryptedValue, base64Key) {
return encryptedValue;
}
};
}])
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.DES)
})
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.AES)
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.DES)
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.TripleDES)
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.Rabbit)
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.RC4)
cfCryptoHttpInterceptor.plugin = new CryptoJSCipher(CryptoJS.mode.ECB, CryptoJS.pad.Pkcs7, CryptoJS.RC4Drop)
})
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.contentHeaderCheck = new ContentHeaderCheck(['application/json', 'application/json_enc']);
}
The default configured Content-Type is shown above. That means only for request's and responses that have one of the aboved Content-Type will be enrypted/decrypted. For example if you perform a request with the Content-Type : 'text/plain'. This request will be skipped for encryption even if shouldCrpyt is set to true.
There is also the possibilities to implement your own ContentHeaderCheck that for example always return true. Like that own below.
function ContentTypeDoesntMatterCheck() {
return {
check: function(contentType) {
return true;
}
}
}
To use the new implemented ContentHeaderCheck apply following configuration code.
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.contentHeaderCheck = new ContentTypeDoesntMatterCheck();
}
var demoApp = angular.module('demoApp', ['angularjs-crypto']);
demoApp.run(['cfCryptoHttpInterceptor', function(cfCryptoHttpInterceptor) {
cfCryptoHttpInterceptor.logging = true; //the default value is false. True will log the decrypted and the encrypted values to the console.
}])
$provide.factory('Data', function ($resource) {
return $resource('/assets/config', {}, {
queryFullCrypt: {method: 'GET', isArray: false, fullcryptquery:true}
});
});
$provide.factory('Data', function ($resource) {
return $resource('/assets/config', {}, {
saveFullCrypt: {method: 'POST', fullcryptbody:true}
});
});
##Example
Change the base64Key locally by read it from the rootScope.
var demoApp = angular.module('demoApp', ['angularjs-crypto']);
demoApp.run(function(cfCryptoHttpInterceptor, $rootScope) {
cfCryptoHttpInterceptor.base64Key = $rootScope.base64Key;
cfCryptoHttpInterceptor.pattern = "_enc"; //default value but for a better understanding it is also defined here
})
Define a function which will be used to get the key for encryption/decryption is called for every encryption/decryption process.
var demoApp = angular.module('demoApp', ['angularjs-crypto']);
demoApp.run(function(cfCryptoHttpInterceptor, $rootScope) {
cfCryptoHttpInterceptor.base64KeyFunc = function() {
return $rootScope.base64Key;
}
})
With this html snippet you can edit the key to use only locally.
<input type="text" ng-model="$root.base64Key" />
Setup a simple example app that use mongodb as persistence layer for storing encrypted data.
The http calls are mocked with angular-mock.
Http Get query parameters encoding
Two ways to run the demo app local one with play or second with nodejs.
Dependencies
Start it with play
play run
Then go to
Start it with nodejs
node server.js
Then go to
Or run the karma test local with
npm test
This angularjs module is part of the bankapp. The idea is to store encrypted data in a backend and decode it on the client side so that the backend doesn't know what kind of data it stores only the angularjs client and the storage process know the plain data.
If you have question or want to take of the development than write me a mail at pussinboots666@googlemail.com.
It is a very young project but with the support of wide open source tools like karma and travis it will flow soon i hope.
angularjs-crypto is released under the MIT License.
FAQs
[angularjs-crypto](http://ngmodules.org/modules/angularjs-crypto) ================== [](https://travis-ci.org/pussinboots/angularjs-crypto) [![Coverage Status](https://
The npm package angularjs-crypto receives a total of 2 weekly downloads. As such, angularjs-crypto popularity was classified as not popular.
We found that angularjs-crypto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.
Security News
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.