npm - @angular-helpers/security - Versions diffs - 21.0.3 → 21.0.4 - Mend

@angular-helpers/security 21.0.3 → 21.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.es.md +52 -0
package/README.md +52 -0
package/fesm2022/angular-helpers-security.mjs +80 -2
package/package.json +1 -1
package/types/angular-helpers-security.d.ts +28 -2

package/README.es.md CHANGED Viewed

@@ -15,6 +15,13 @@ Paquete de seguridad para aplicaciones Angular que previene ataques comunes como
 - **Análisis de Complejidad**: Detecta patrones peligrosos antes de la ejecución.
 - **Modo Seguro**: Solo permite patrones verificados como seguros.
+### **Web Crypto API**
+- **Cifrado/Descifrado**: Soporte AES-GCM para manejo seguro de datos
+- **Hashing**: SHA-256 y otros algoritmos
+- **Gestión de Claves**: Generar, importar y exportar claves criptográficas
+- **Aleatorio Seguro**: Valores aleatorios criptográficamente seguros
 ### **Patrón Builder**
 - **API Fluida**: Construye expresiones regulares de forma intuitiva.
@@ -93,6 +100,51 @@ const result = await RegexSecurityService.builder()
   .execute('12345', this.securityService);
 ```
+### **WebCryptoService**
+```typescript
+import { WebCryptoService } from '@angular-helpers/security';
+export class SecureStorageComponent {
+  private cryptoService = inject(WebCryptoService);
+  async hashPassword(password: string): Promise<string> {
+    return await this.cryptoService.hash(password, 'SHA-256');
+  }
+  async encryptData(
+    data: string,
+  ): Promise<{ ciphertext: ArrayBuffer; iv: Uint8Array; key: CryptoKey }> {
+    const key = await this.cryptoService.generateAesKey(256);
+    const { ciphertext, iv } = await this.cryptoService.encryptAes(key, data);
+    return { ciphertext, iv, key };
+  }
+  async decryptData(ciphertext: ArrayBuffer, iv: Uint8Array, key: CryptoKey): Promise<string> {
+    return await this.cryptoService.decryptAes(key, ciphertext, iv);
+  }
+  async exportKeyForStorage(key: CryptoKey): Promise<JsonWebKey> {
+    return await this.cryptoService.exportKey(key);
+  }
+  async importKeyFromStorage(jwk: JsonWebKey): Promise<CryptoKey> {
+    return await this.cryptoService.importAesKey(jwk);
+  }
+  generateSecureToken(length: number = 32): string {
+    const bytes = this.cryptoService.generateRandomBytes(length);
+    return Array.from(bytes)
+      .map((b) => b.toString(16).padStart(2, '0'))
+      .join('');
+  }
+  generateUUID(): string {
+    return this.cryptoService.randomUUID();
+  }
+}
+```
 ## 📊 Niveles de Riesgo
 | Nivel          | Descripción          | Acción                                   |

package/README.md CHANGED Viewed

@@ -15,6 +15,13 @@ Security package for Angular applications that prevents common attacks like ReDo
 - **Complexity Analysis**: Detects dangerous patterns before execution.
 - **Safe Mode**: Only allows patterns verified as safe.
+### **Web Crypto API**
+- **Encryption/Decryption**: AES-GCM support for secure data handling
+- **Hashing**: SHA-256 and other algorithms
+- **Key Management**: Generate, import, and export cryptographic keys
+- **Secure Random**: Cryptographically secure random values
 ### **Builder Pattern**
 - **Fluent API**: Intuitively build regular expressions.
@@ -163,6 +170,51 @@ export class FormValidationComponent {
 }
 ```
+### **WebCryptoService**
+```typescript
+import { WebCryptoService } from '@angular-helpers/security';
+export class SecureStorageComponent {
+  private cryptoService = inject(WebCryptoService);
+  async hashPassword(password: string): Promise<string> {
+    return await this.cryptoService.hash(password, 'SHA-256');
+  }
+  async encryptData(
+    data: string,
+  ): Promise<{ ciphertext: ArrayBuffer; iv: Uint8Array; key: CryptoKey }> {
+    const key = await this.cryptoService.generateAesKey(256);
+    const { ciphertext, iv } = await this.cryptoService.encryptAes(key, data);
+    return { ciphertext, iv, key };
+  }
+  async decryptData(ciphertext: ArrayBuffer, iv: Uint8Array, key: CryptoKey): Promise<string> {
+    return await this.cryptoService.decryptAes(key, ciphertext, iv);
+  }
+  async exportKeyForStorage(key: CryptoKey): Promise<JsonWebKey> {
+    return await this.cryptoService.exportKey(key);
+  }
+  async importKeyFromStorage(jwk: JsonWebKey): Promise<CryptoKey> {
+    return await this.cryptoService.importAesKey(jwk);
+  }
+  generateSecureToken(length: number = 32): string {
+    const bytes = this.cryptoService.generateRandomBytes(length);
+    return Array.from(bytes)
+      .map((b) => b.toString(16).padStart(2, '0'))
+      .join('');
+  }
+  generateUUID(): string {
+    return this.cryptoService.randomUUID();
+  }
+}
+```
 ## 🔧 Advanced Configuration
 ### **Security Options**

package/fesm2022/angular-helpers-security.mjs CHANGED Viewed

@@ -1,5 +1,6 @@
 import * as i0 from '@angular/core';
-import { inject, DestroyRef, Injectable, makeEnvironmentProviders } from '@angular/core';
+import { inject, DestroyRef, Injectable, PLATFORM_ID, makeEnvironmentProviders } from '@angular/core';
+import { isPlatformBrowser } from '@angular/common';
 /**
  * Security service for regular expressions that prevents ReDoS
@@ -411,8 +412,79 @@ class RegexSecurityBuilder {
     }
 }
+class WebCryptoService {
+    platformId = inject(PLATFORM_ID);
+    isSupported() {
+        return isPlatformBrowser(this.platformId) && 'crypto' in window && 'subtle' in crypto;
+    }
+    get subtle() {
+        if (!this.isSupported()) {
+            throw new Error('Web Crypto API not supported in this environment');
+        }
+        return crypto.subtle;
+    }
+    ensureSecureContext() {
+        if (!window.isSecureContext) {
+            throw new Error('Web Crypto API requires a secure context (HTTPS)');
+        }
+    }
+    async hash(data, algorithm = 'SHA-256') {
+        this.ensureSecureContext();
+        const buffer = typeof data === 'string' ? new TextEncoder().encode(data) : data;
+        const hashBuffer = await this.subtle.digest(algorithm, buffer);
+        return this.bufferToHex(hashBuffer);
+    }
+    async generateAesKey(length = 256) {
+        this.ensureSecureContext();
+        return this.subtle.generateKey({ name: 'AES-GCM', length }, true, ['encrypt', 'decrypt']);
+    }
+    async encryptAes(key, data) {
+        this.ensureSecureContext();
+        const buffer = typeof data === 'string' ? new TextEncoder().encode(data) : data;
+        const iv = crypto.getRandomValues(new Uint8Array(12));
+        const ciphertext = await this.subtle.encrypt({ name: 'AES-GCM', iv }, key, buffer);
+        return { ciphertext, iv };
+    }
+    async decryptAes(key, ciphertext, iv) {
+        this.ensureSecureContext();
+        const decrypted = await this.subtle.decrypt({ name: 'AES-GCM', iv }, key, ciphertext);
+        return new TextDecoder().decode(decrypted);
+    }
+    async exportKey(key) {
+        this.ensureSecureContext();
+        return this.subtle.exportKey('jwk', key);
+    }
+    async importAesKey(jwk) {
+        this.ensureSecureContext();
+        return this.subtle.importKey('jwk', jwk, { name: 'AES-GCM' }, true, ['encrypt', 'decrypt']);
+    }
+    generateRandomBytes(length) {
+        if (!this.isSupported()) {
+            throw new Error('Web Crypto API not supported');
+        }
+        return crypto.getRandomValues(new Uint8Array(length));
+    }
+    randomUUID() {
+        if (!this.isSupported()) {
+            throw new Error('Web Crypto API not supported');
+        }
+        return crypto.randomUUID();
+    }
+    bufferToHex(buffer) {
+        return Array.from(new Uint8Array(buffer))
+            .map((b) => b.toString(16).padStart(2, '0'))
+            .join('');
+    }
+    static ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "21.2.4", ngImport: i0, type: WebCryptoService, deps: [], target: i0.ɵɵFactoryTarget.Injectable });
+    static ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "21.2.4", ngImport: i0, type: WebCryptoService });
+}
+i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "21.2.4", ngImport: i0, type: WebCryptoService, decorators: [{
+            type: Injectable
+        }] });
 const defaultSecurityConfig = {
     enableRegexSecurity: true,
+    enableWebCrypto: true,
     defaultTimeout: 5000,
     safeMode: false,
 };
@@ -422,14 +494,20 @@ function provideSecurity(config = {}) {
     if (mergedConfig.enableRegexSecurity) {
         providers.push(RegexSecurityService);
     }
+    if (mergedConfig.enableWebCrypto) {
+        providers.push(WebCryptoService);
+    }
     return makeEnvironmentProviders(providers);
 }
 function provideRegexSecurity() {
     return makeEnvironmentProviders([RegexSecurityService]);
 }
+function provideWebCrypto() {
+    return makeEnvironmentProviders([WebCryptoService]);
+}
 /**
  * Generated bundle index. Do not edit.
  */
-export { RegexSecurityBuilder, RegexSecurityService, defaultSecurityConfig, provideRegexSecurity, provideSecurity };
+export { RegexSecurityBuilder, RegexSecurityService, WebCryptoService, defaultSecurityConfig, provideRegexSecurity, provideSecurity, provideWebCrypto };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@angular-helpers/security",
-  "version": "21.0.3",
+  "version": "21.0.4",
   "description": "Angular security helpers for preventing ReDoS and other security vulnerabilities",
   "keywords": [
     "angular",

package/types/angular-helpers-security.d.ts CHANGED Viewed

@@ -151,14 +151,40 @@ declare class RegexSecurityBuilder {
     execute(text: string, service: RegexSecurityService): Promise<RegexTestResult>;
 }
+type HashAlgorithm = 'SHA-1' | 'SHA-256' | 'SHA-384' | 'SHA-512';
+type AesKeyLength = 128 | 192 | 256;
+interface AesEncryptResult {
+    ciphertext: ArrayBuffer;
+    iv: Uint8Array;
+}
+declare class WebCryptoService {
+    private readonly platformId;
+    isSupported(): boolean;
+    private get subtle();
+    private ensureSecureContext;
+    hash(data: string | ArrayBuffer, algorithm?: HashAlgorithm): Promise<string>;
+    generateAesKey(length?: AesKeyLength): Promise<CryptoKey>;
+    encryptAes(key: CryptoKey, data: string | ArrayBuffer): Promise<AesEncryptResult>;
+    decryptAes(key: CryptoKey, ciphertext: ArrayBuffer, iv: Uint8Array<ArrayBuffer>): Promise<string>;
+    exportKey(key: CryptoKey): Promise<JsonWebKey>;
+    importAesKey(jwk: JsonWebKey): Promise<CryptoKey>;
+    generateRandomBytes(length: number): Uint8Array;
+    randomUUID(): string;
+    private bufferToHex;
+    static ɵfac: i0.ɵɵFactoryDeclaration<WebCryptoService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<WebCryptoService>;
+}
 interface SecurityConfig {
     enableRegexSecurity?: boolean;
+    enableWebCrypto?: boolean;
     defaultTimeout?: number;
     safeMode?: boolean;
 }
 declare const defaultSecurityConfig: SecurityConfig;
 declare function provideSecurity(config?: SecurityConfig): EnvironmentProviders;
 declare function provideRegexSecurity(): EnvironmentProviders;
+declare function provideWebCrypto(): EnvironmentProviders;
-export { RegexSecurityBuilder, RegexSecurityService, defaultSecurityConfig, provideRegexSecurity, provideSecurity };
-export type { RegexBuilderOptions, RegexSecurityConfig, RegexSecurityResult, RegexTestResult, SecurityConfig };
+export { RegexSecurityBuilder, RegexSecurityService, WebCryptoService, defaultSecurityConfig, provideRegexSecurity, provideSecurity, provideWebCrypto };
+export type { AesEncryptResult, AesKeyLength, HashAlgorithm, RegexBuilderOptions, RegexSecurityConfig, RegexSecurityResult, RegexTestResult, SecurityConfig };