1. Setup Steps
Cypress runs in a Node.js environment, so you can use the built-in 'crypto' module without installing any additional packages.
2. Define Tasks in Cypress Configuration
You can define encryption and decryption tasks in the Cypress configuration file (e.g., cypress.config.js or cypress/plugins/index.js).
Example code
const crypto = require('crypto');
const algorithm = 'aes-256-cbc';
const key = crypto.randomBytes(32); // Store securely
const iv = crypto.randomBytes(16);Â // Initialization vector
module.exports = (on, config) => {
 on('task', {
   encrypt(text) {
     const cipher = crypto.createCipheriv(algorithm, key, iv);
     let encrypted = cipher.update(text, 'utf8', 'hex');
     encrypted += cipher.final('hex');
     return `${iv.toString('hex')}:${encrypted}`;
   },
   decrypt(encryptedText) {
     const [ivHex, encrypted] = encryptedText.split(':');
     const decipher = crypto.createDecipheriv(algorithm, key, Buffer.from(ivHex, 'hex'));
     let decrypted = decipher.update(encrypted, 'hex', 'utf8');
     decrypted += decipher.final('utf8');
     return decrypted;
   }
 });
};
3. Usage in Cypress Test
Example test case using the defined tasks
describe('Secure Data Handling', () => {
 it('should encrypt and decrypt a password', () => {
   const password = 'MySecret123';
   cy.task('encrypt', password).then((encrypted) => {
     cy.log('Encrypted:', encrypted);
     cy.task('decrypt', encrypted).then((decrypted) => {
       expect(decrypted).to.equal(password);
     });
   });
 });
});
4. Best Practices for Handling Secrets Securely
- Never hardcode encryption keys or IVs in your codebase.
- Use environment variables or a secure secrets manager to store sensitive values.
- Rotate encryption keys periodically.
- Ensure encrypted values are not logged or exposed in test reports.