Package com.dyadicsec.advapi

Class SDEKey

java.lang.Object
com.dyadicsec.advapi.SDEKey
public final class SDEKey
extends java.lang.Object
This class includes the methods for application level encryption, see Application-Level Encryption in the UKC Developers Guide for more information.

  • Field Summary

    Fields
    Modifier and Type Field Description
    static int PURPOSE_CREDIT_CARD_ENC
    Use this session key purpose for credit card number format preserving encryption
    static int PURPOSE_EMAIL_ENC
    Use this session key purpose for email format preserving encryption
    static int PURPOSE_ONE_WAY
    Use this session key purpose for one way encryption (PRF)
    static int PURPOSE_OP_ENC
    Use this session key purpose for order preserving encryption
    static int PURPOSE_SP_ENC
    Use this session key purpose for generic type preserving encryption (besides String)
    static int PURPOSE_SSN_ENC
    Use this session key purpose for SSN format preserving encryption
    static int PURPOSE_STRING_ENC
    Use this session key purpose for String format preserving encryption (type and size)
    static int PURPOSE_US_PHONE_ENC
    Use this session key purpose for US phone format preserving encryption

  • Method Summary

    Modifier and Type Method Description
    byte[] decrypt​(byte[] aad, byte[] in)
    Generic decryption function, implements strong AES-GCM none-deterministic encryption and also takes care of key versioning by appending key UID to the cipher text.
    java.lang.String decryptCreditCard​(java.lang.String tweak, java.lang.String in)
    Decrypt a credit card number, where the encrypted value is also a credit card number
    java.lang.String decryptCreditCard​(java.lang.String tweak, java.lang.String in, java.lang.String format)
    Decrypt a credit card number, where the encrypted value is also a credit card number
    java.lang.String decryptEMailAddress​(java.lang.String tweak, java.lang.String in)
    Decrypt an encrypted email address, where the encrypted value is also an email address.
    int decryptOrderPreserving​(java.lang.String tweak, long encData)
    Decrypt an integer value encrypted with order preserving encryption
    java.lang.String decryptOrderPreserving​(java.lang.String tweak, java.lang.String encDataStr)
    Decrypt a string value encrypted with order preserving encryption
    java.sql.Timestamp decryptOrderPreservingTS​(java.lang.String tweak, java.lang.String encDataStr)
    Decrypt a Timestamp value encrypted with order preserving encryption
    java.lang.String decryptSSN​(java.lang.String tweak, java.lang.String in, java.lang.String format)
    Decrypt an encrypted SSN, where the encrypted value is also SSN
    boolean decryptTypePreserving​(java.lang.String tweak, boolean encData)
    Decrypt an encryptyed boolean value
    byte[] decryptTypePreserving​(java.lang.String tweak, byte[] encData)
    Decrypt a byte array
    double decryptTypePreserving​(java.lang.String tweak, double encData)
    Decrypt an encryptyed double value
    float decryptTypePreserving​(java.lang.String tweak, float encData)
    Decrypt an encryptyed float value
    int decryptTypePreserving​(java.lang.String tweak, int encData)
    Decrypt an encryptyed integer value
    long decryptTypePreserving​(java.lang.String tweak, long encData)
    Decrypt an encryptyed long value
    short decryptTypePreserving​(java.lang.String tweak, short encData)
    Decrypt an encryptyed short value
    java.lang.String decryptTypePreserving​(java.lang.String tweak, java.lang.String encData)
    Decrypt an encryptyed string value
    java.math.BigDecimal decryptTypePreserving​(java.lang.String tweak, java.math.BigDecimal encData)
    Decrypt an encryptyed BigDecimal value
    java.sql.Blob decryptTypePreserving​(java.lang.String tweak, java.sql.Blob encData)
    Decrypt an encryptyed Blob value
    java.sql.Clob decryptTypePreserving​(java.lang.String tweak, java.sql.Clob encData)
    Decrypt an encryptyed Clob value
    java.sql.Date decryptTypePreserving​(java.lang.String tweak, java.sql.Date encData)
    Decrypt an encryptyed Date value
    java.sql.Time decryptTypePreserving​(java.lang.String tweak, java.sql.Time encData)
    Decrypt an encryptyed Time value
    java.sql.Timestamp decryptTypePreserving​(java.lang.String tweak, java.sql.Timestamp encData)
    Decrypt an encryptyed Timestamp value
    java.lang.String decryptUSPhone​(java.lang.String tweak, java.lang.String in, java.lang.String format)
    Decrypt an encrypted US phone number, where the encrypted value is also a US phone number
    void destroy()  
    byte[] encrypt​(byte[] aad, byte[] in)
    Generic encryption function, implements strong AES-GCM none-deterministic encryption and also takes care of key versioning by appending key UID to the cipher text.
    java.lang.String encryptCreditCard​(java.lang.String tweak, java.lang.String in)
    Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number.
    java.lang.String encryptCreditCard​(java.lang.String tweak, java.lang.String in, java.lang.String format)
    Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number.
    java.lang.String encryptEMailAddress​(java.lang.String tweak, java.lang.String in, int maxSize)
    Encrypt an email address in format preserving form, where the encrypted value is also a legitimate email address.
    It can contain these characters: A-Z, a-z, 0-9, .!#$%&*+-/={|}~(),:;<>[]
    It must contain an @ as a separator and cannot contain spaces.
    long encryptOrderPreserving​(java.lang.String tweak, int data)
    Encrypt an integer value in order preserving form, encrypted value is of type long
    long encryptOrderPreserving​(java.lang.String tweak, short data)
    Encrypt a short value in order preserving form, where the return value is of type long
    java.lang.String encryptOrderPreserving​(java.lang.String tweak, java.lang.String data, int size)
    Encrypt a string value in order preserving form
    java.lang.String encryptOrderPreserving​(java.lang.String tweak, java.sql.Timestamp data)
    Encrypt a Timestamp value in order preserving form, encrypted value is of string type
    byte[] encryptPRF​(java.lang.String tweak, byte[] data)
    Creates a unique searchable token from a byte array
    java.lang.String encryptSSN​(java.lang.String tweak, java.lang.String in, java.lang.String format)
    Encrypt an SSN in format preserving form, where the encrypted value is also a legitimate SSN.

    The SSN can be all numbers except:
    - Numbers with all zeros in any digit group (000-##-####, ###-00-####, ###-##-0000).
    - Numbers with 666 or 900-999 (Individual Taxpayer Identification Number) in the first digit group.
    boolean encryptTypePreserving​(java.lang.String tweak, boolean data)
    Encrypt a boolean value
    byte[] encryptTypePreserving​(java.lang.String tweak, byte[] data)
    Encrypt a byte array
    double encryptTypePreserving​(java.lang.String tweak, double data)
    Encrypt a double value
    float encryptTypePreserving​(java.lang.String tweak, float data)
    Encrypt a float value
    int encryptTypePreserving​(java.lang.String tweak, int data)
    Encrypt a integer value
    long encryptTypePreserving​(java.lang.String tweak, long data)
    Encrypt a long value
    short encryptTypePreserving​(java.lang.String tweak, short data)
    Encrypt a short value
    java.lang.String encryptTypePreserving​(java.lang.String tweak, java.lang.String data)
    Encrypt a string value
    java.math.BigDecimal encryptTypePreserving​(java.lang.String tweak, java.math.BigDecimal data)
    Encrypt a BigDecimal value
    java.sql.Blob encryptTypePreserving​(java.lang.String tweak, java.sql.Blob data)
    Encrypt a Blob value
    java.sql.Clob encryptTypePreserving​(java.lang.String tweak, java.sql.Clob data)
    Encrypt a Clob value
    java.sql.Date encryptTypePreserving​(java.lang.String tweak, java.sql.Date data)
    Encrypt a Date value
    java.sql.Time encryptTypePreserving​(java.lang.String tweak, java.sql.Time data)
    Encrypt a Time value
    java.sql.Timestamp encryptTypePreserving​(java.lang.String tweak, java.sql.Timestamp data)
    Encrypt a Timestamp value
    java.lang.String encryptUSPhone​(java.lang.String tweak, java.lang.String in, java.lang.String format)
    Encrypt a US phone in format preserving form, where the encrypted value is also a legitimate US phone number.
    The number is 10 digits.
    protected void finalize()  
    static SDEKey findKey​(long uid)
    Find an application level encryption key, located by its UID
    static SDEKey findKey​(java.lang.String name)
    Find an application level encryption key, located by its name
    static SDEKey findKey​(java.lang.String slotName, long uid)
    Find an application level encryption key in a specific EKM partition.
    static SDEKey findKey​(java.lang.String slotName, java.lang.String name)
    Find an application level encryption key in a specific EKM partition.
    static SDEKey generate​(com.unbound.client.Partition partition, java.lang.String keyName)  
    SDESessionKey generateSessionKey​(int purpose, java.lang.String tweak)
    Generate a session key which can be used for multiple encryption operations Use the proper purpose per the values and encryption modes which you will use this key with
    SDEKey getPreviousKey()
    Return the previous key used for encryption in case Re-Key was used
    long getUID()
    Get the unique identifier of a key, can be used in future time to decrypt with a specific key version

    Methods inherited from class java.lang.Object

    clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

    • PURPOSE_ONE_WAY

      public static final int PURPOSE_ONE_WAY
      Use this session key purpose for one way encryption (PRF)
      See Also:
      Constant Field Values

    • PURPOSE_SP_ENC

      public static final int PURPOSE_SP_ENC
      Use this session key purpose for generic type preserving encryption (besides String)
      See Also:
      Constant Field Values

    • PURPOSE_OP_ENC

      public static final int PURPOSE_OP_ENC
      Use this session key purpose for order preserving encryption
      See Also:
      Constant Field Values

    • PURPOSE_EMAIL_ENC

      public static final int PURPOSE_EMAIL_ENC
      Use this session key purpose for email format preserving encryption
      See Also:
      Constant Field Values

    • PURPOSE_CREDIT_CARD_ENC

      public static final int PURPOSE_CREDIT_CARD_ENC
      Use this session key purpose for credit card number format preserving encryption
      See Also:
      Constant Field Values

    • PURPOSE_US_PHONE_ENC

      public static final int PURPOSE_US_PHONE_ENC
      Use this session key purpose for US phone format preserving encryption
      See Also:
      Constant Field Values

    • PURPOSE_SSN_ENC

      public static final int PURPOSE_SSN_ENC
      Use this session key purpose for SSN format preserving encryption
      See Also:
      Constant Field Values

    • PURPOSE_STRING_ENC

      public static final int PURPOSE_STRING_ENC
      Use this session key purpose for String format preserving encryption (type and size)
      See Also:
      Constant Field Values

  • Method Details

    • destroy

      public void destroy()

    • generate

      public static SDEKey generate​(com.unbound.client.Partition partition, java.lang.String keyName)

    • finalize

      protected void finalize() throws java.lang.Throwable
      Overrides:
      finalize in class java.lang.Object
      Throws:
      java.lang.Throwable

    • findKey

      public static SDEKey findKey​(java.lang.String name)
      Find an application level encryption key, located by its name
      Parameters:
      name - The key name
      Returns:
      The key handle or null if the key is not found

    • findKey

      public static SDEKey findKey​(java.lang.String slotName, java.lang.String name)
      Find an application level encryption key in a specific EKM partition. The key is located based on its name
      Parameters:
      slotName - The partition name
      name - The key name
      Returns:
      The key handle or null if the key is not found

    • getUID

      public long getUID()
      Get the unique identifier of a key, can be used in future time to decrypt with a specific key version
      Returns:
      The unique ID of the key

    • getPreviousKey

      public SDEKey getPreviousKey()
      Return the previous key used for encryption in case Re-Key was used
      Returns:
      The previous key handle or null if no previous key exists

    • findKey

      public static SDEKey findKey​(long uid)
      Find an application level encryption key, located by its UID
      Parameters:
      uid - The key UID
      Returns:
      The key handle or null if the key is not found

    • findKey

      public static SDEKey findKey​(java.lang.String slotName, long uid)
      Find an application level encryption key in a specific EKM partition. The key is located based on its UID
      Parameters:
      slotName - The partition name
      uid - The key UID
      Returns:
      The key handle or null if the key is not found

    • encrypt

      public byte[] encrypt​(byte[] aad, byte[] in) throws java.lang.SecurityException
      Generic encryption function, implements strong AES-GCM none-deterministic encryption and also takes care of key versioning by appending key UID to the cipher text. This encryption mode is not size preserving
      Parameters:
      aad - Additional Authentication Data, can be used to further authenticate the cipher text, see reference at https://en.wikipedia.org/wiki/Galois/Counter_Mode
      in - The data to encrypt
      Returns:
      Encrypted cipher text
      Throws:
      java.lang.SecurityException - In case of operation error

    • decrypt

      public byte[] decrypt​(byte[] aad, byte[] in) throws java.lang.SecurityException
      Generic decryption function, implements strong AES-GCM none-deterministic encryption and also takes care of key versioning by appending key UID to the cipher text. This encryption mode is not size preserving
      Parameters:
      aad - Additional Authentication Data, can be used to further authenticate the cipher text, see reference at https://en.wikipedia.org/wiki/Galois/Counter_Mode
      in - The data to encrypt
      Returns:
      Encrypted cipher text
      Throws:
      java.lang.SecurityException - In case of operation error

    • generateSessionKey

      public SDESessionKey generateSessionKey​(int purpose, java.lang.String tweak) throws java.lang.SecurityException
      Generate a session key which can be used for multiple encryption operations Use the proper purpose per the values and encryption modes which you will use this key with
      Parameters:
      purpose - Determines the type and mode of encryption to be used with this session key
      tweak - The tweak associated with this session key
      Returns:
      The derived session key
      Throws:
      java.lang.SecurityException - In case of operation error

    • encryptPRF

      public byte[] encryptPRF​(java.lang.String tweak, byte[] data) throws java.lang.SecurityException
      Creates a unique searchable token from a byte array
      Parameters:
      tweak - The tweak used for the process
      data - The input data
      Returns:
      Searchable token of size 16 bytes
      Throws:
      java.lang.SecurityException - In case of encryption error

    • encryptTypePreserving

      public byte[] encryptTypePreserving​(java.lang.String tweak, byte[] data) throws java.lang.SecurityException, java.lang.IllegalArgumentException
      Encrypt a byte array
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt, where the length of the array should be even or at least 16 bytes
      Returns:
      The encrypted value, where the size of the encrypted data equals to the size of the input
      Throws:
      java.lang.SecurityException - In case of encryption error
      java.lang.IllegalArgumentException - In case data length is odd and length is smaller than 16

    • decryptTypePreserving

      public byte[] decryptTypePreserving​(java.lang.String tweak, byte[] encData) throws java.lang.SecurityException, java.lang.IllegalArgumentException
      Decrypt a byte array
      Parameters:
      tweak - The tweak used for encryption
      encData - The encrypted data
      Returns:
      Decrryped byte array
      Throws:
      java.lang.SecurityException - In case of decryption error
      java.lang.IllegalArgumentException

    • encryptTypePreserving

      public java.lang.String encryptTypePreserving​(java.lang.String tweak, java.lang.String data) throws java.lang.SecurityException
      Encrypt a string value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.lang.String decryptTypePreserving​(java.lang.String tweak, java.lang.String encData) throws java.lang.SecurityException
      Decrypt an encryptyed string value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      String value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptOrderPreserving

      public java.lang.String encryptOrderPreserving​(java.lang.String tweak, java.lang.String data, int size) throws java.lang.SecurityException
      Encrypt a string value in order preserving form
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      size - Maximum size of values that should be compared with this value
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptOrderPreserving

      public java.lang.String decryptOrderPreserving​(java.lang.String tweak, java.lang.String encDataStr) throws java.lang.SecurityException
      Decrypt a string value encrypted with order preserving encryption
      Parameters:
      tweak - The tweak used for the decryption
      encDataStr - The encrypted value
      Returns:
      String value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public long encryptTypePreserving​(java.lang.String tweak, long data) throws java.lang.SecurityException
      Encrypt a long value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public long decryptTypePreserving​(java.lang.String tweak, long encData) throws java.lang.SecurityException
      Decrypt an encryptyed long value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      long value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public int encryptTypePreserving​(java.lang.String tweak, int data) throws java.lang.SecurityException
      Encrypt a integer value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public int decryptTypePreserving​(java.lang.String tweak, int encData) throws java.lang.SecurityException
      Decrypt an encryptyed integer value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      long value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptOrderPreserving

      public long encryptOrderPreserving​(java.lang.String tweak, int data) throws java.lang.SecurityException
      Encrypt an integer value in order preserving form, encrypted value is of type long
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptOrderPreserving

      public int decryptOrderPreserving​(java.lang.String tweak, long encData) throws java.lang.SecurityException
      Decrypt an integer value encrypted with order preserving encryption
      Parameters:
      tweak - The tweak used for the decryption
      encData - The encrypted value
      Returns:
      Integer value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public short encryptTypePreserving​(java.lang.String tweak, short data) throws java.lang.SecurityException
      Encrypt a short value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public short decryptTypePreserving​(java.lang.String tweak, short encData) throws java.lang.SecurityException
      Decrypt an encryptyed short value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      String value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptOrderPreserving

      public long encryptOrderPreserving​(java.lang.String tweak, short data) throws java.lang.SecurityException
      Encrypt a short value in order preserving form, where the return value is of type long
      Parameters:
      tweak - The tweak used for the encryption
      data - The value to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • encryptTypePreserving

      public float encryptTypePreserving​(java.lang.String tweak, float data) throws java.lang.SecurityException
      Encrypt a float value
      Parameters:
      tweak - The tweak used for the encryption
      data - The value to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public float decryptTypePreserving​(java.lang.String tweak, float encData) throws java.lang.SecurityException
      Decrypt an encryptyed float value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Float value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public double encryptTypePreserving​(java.lang.String tweak, double data) throws java.lang.SecurityException
      Encrypt a double value
      Parameters:
      tweak - The tweak used for the encryption
      data - The value to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public double decryptTypePreserving​(java.lang.String tweak, double encData) throws java.lang.SecurityException
      Decrypt an encryptyed double value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Double value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public java.sql.Date encryptTypePreserving​(java.lang.String tweak, java.sql.Date data) throws java.lang.SecurityException
      Encrypt a Date value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.sql.Date decryptTypePreserving​(java.lang.String tweak, java.sql.Date encData) throws java.lang.SecurityException
      Decrypt an encryptyed Date value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Date value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public java.sql.Time encryptTypePreserving​(java.lang.String tweak, java.sql.Time data) throws java.lang.SecurityException
      Encrypt a Time value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.sql.Time decryptTypePreserving​(java.lang.String tweak, java.sql.Time encData) throws java.lang.SecurityException
      Decrypt an encryptyed Time value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Time value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public java.sql.Timestamp encryptTypePreserving​(java.lang.String tweak, java.sql.Timestamp data) throws java.lang.SecurityException
      Encrypt a Timestamp value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.sql.Timestamp decryptTypePreserving​(java.lang.String tweak, java.sql.Timestamp encData) throws java.lang.SecurityException
      Decrypt an encryptyed Timestamp value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Timestamp value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptOrderPreserving

      public java.lang.String encryptOrderPreserving​(java.lang.String tweak, java.sql.Timestamp data) throws java.lang.SecurityException
      Encrypt a Timestamp value in order preserving form, encrypted value is of string type
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptOrderPreservingTS

      public java.sql.Timestamp decryptOrderPreservingTS​(java.lang.String tweak, java.lang.String encDataStr) throws java.lang.SecurityException
      Decrypt a Timestamp value encrypted with order preserving encryption
      Parameters:
      tweak - The tweak used for the decryption
      encDataStr - The encrypted value
      Returns:
      Timestamp value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public boolean encryptTypePreserving​(java.lang.String tweak, boolean data) throws java.lang.SecurityException
      Encrypt a boolean value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public boolean decryptTypePreserving​(java.lang.String tweak, boolean encData) throws java.lang.SecurityException
      Decrypt an encryptyed boolean value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Boolean value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public java.sql.Blob encryptTypePreserving​(java.lang.String tweak, java.sql.Blob data) throws java.lang.SecurityException
      Encrypt a Blob value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.sql.Blob decryptTypePreserving​(java.lang.String tweak, java.sql.Blob encData) throws java.lang.SecurityException
      Decrypt an encryptyed Blob value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Blob value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public java.sql.Clob encryptTypePreserving​(java.lang.String tweak, java.sql.Clob data) throws java.lang.SecurityException
      Encrypt a Clob value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.sql.Clob decryptTypePreserving​(java.lang.String tweak, java.sql.Clob encData) throws java.lang.SecurityException
      Decrypt an encryptyed Clob value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      Clob value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptTypePreserving

      public java.math.BigDecimal encryptTypePreserving​(java.lang.String tweak, java.math.BigDecimal data) throws java.lang.SecurityException
      Encrypt a BigDecimal value
      Parameters:
      tweak - The tweak used for the encryption
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptTypePreserving

      public java.math.BigDecimal decryptTypePreserving​(java.lang.String tweak, java.math.BigDecimal encData) throws java.lang.SecurityException
      Decrypt an encryptyed BigDecimal value
      Parameters:
      tweak - The tweak used for the process
      encData - The encrypted value
      Returns:
      BigDecimal value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptEMailAddress

      public java.lang.String encryptEMailAddress​(java.lang.String tweak, java.lang.String in, int maxSize) throws java.lang.SecurityException
      Encrypt an email address in format preserving form, where the encrypted value is also a legitimate email address.
      It can contain these characters: A-Z, a-z, 0-9, .!#$%&*+-/={|}~(),:;<>[]
      It must contain an @ as a separator and cannot contain spaces.
      Parameters:
      tweak - The tweak used for the encryption
      in - Email address to encrypt
      maxSize - Maximum size of all email addresses encrypted
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptEMailAddress

      public java.lang.String decryptEMailAddress​(java.lang.String tweak, java.lang.String in) throws java.lang.SecurityException
      Decrypt an encrypted email address, where the encrypted value is also an email address.
      Parameters:
      tweak - The tweak used for the decryption
      in - The encrypted value
      Returns:
      Original plain email address
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptCreditCard

      public java.lang.String encryptCreditCard​(java.lang.String tweak, java.lang.String in) throws java.lang.SecurityException
      Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number. Encryption uses a Luhn algorithm to verify valid credit card numbers.
      Parameters:
      tweak - The tweak used for the encryption
      in - Credit card number to encrypt
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • encryptCreditCard

      public java.lang.String encryptCreditCard​(java.lang.String tweak, java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number. Encryption uses a Luhn algorithm to verify valid credit card numbers.
      Parameters:
      tweak - The tweak used for the encryption
      in - Credit card number to encrypt
      format - The credit card number, where the # characters get encrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. For example, for "????-####-####-####", the first 4 numbers are plain and the rest of the credit card number is encrypted.
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptCreditCard

      public java.lang.String decryptCreditCard​(java.lang.String tweak, java.lang.String in) throws java.lang.SecurityException
      Decrypt a credit card number, where the encrypted value is also a credit card number
      Parameters:
      tweak - The tweak used for the decryption
      in - The encrypted value
      Returns:
      Original plain credit card
      Throws:
      java.lang.SecurityException - In case of decryption error

    • decryptCreditCard

      public java.lang.String decryptCreditCard​(java.lang.String tweak, java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Decrypt a credit card number, where the encrypted value is also a credit card number
      Parameters:
      tweak - The tweak used for the decryption
      in - The encrypted value
      format - The credit card number, where the # characters get decrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. For example, for "????-####-####-####", the first 4 numbers are plain and the rest of the credit card number is decrypted.
      Returns:
      Original plain credit card
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptUSPhone

      public java.lang.String encryptUSPhone​(java.lang.String tweak, java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Encrypt a US phone in format preserving form, where the encrypted value is also a legitimate US phone number.
      The number is 10 digits. Any non-digits, such as hyphens, are passed as-is. It is validated by checking the format aaa-bcc-dddd, where aaa > 200, b >= 2, and cc is not 11.
      Parameters:
      tweak - The tweak used for the encryption
      in - Phone number to encrypt
      format - The output format, where the # characters get encrypted and other characters are passed as-is to the output. For example, the format could be "###-###-####".
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptUSPhone

      public java.lang.String decryptUSPhone​(java.lang.String tweak, java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Decrypt an encrypted US phone number, where the encrypted value is also a US phone number
      Parameters:
      tweak - The tweak used for the decryption
      in - The encrypted value
      format - The output format, where the # characters get decrypted and other characters are passed as-is to the output. For example, the format could be "###-###-####".
      Returns:
      Original plain US phone number
      Throws:
      java.lang.SecurityException - In case of decryption error

    • encryptSSN

      public java.lang.String encryptSSN​(java.lang.String tweak, java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Encrypt an SSN in format preserving form, where the encrypted value is also a legitimate SSN.

      The SSN can be all numbers except:
      - Numbers with all zeros in any digit group (000-##-####, ###-00-####, ###-##-0000).
      - Numbers with 666 or 900-999 (Individual Taxpayer Identification Number) in the first digit group.
      Parameters:
      tweak - The tweak used for the encryption
      in - SSN to encrypt
      format - The output format, where the # characters get encrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. Note that only the last 4 numbers can be plain text, so only "###-##-####" and "###-##-????" are acceptable formats (with or without the hyphen delimiters).
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error

    • decryptSSN

      public java.lang.String decryptSSN​(java.lang.String tweak, java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Decrypt an encrypted SSN, where the encrypted value is also SSN
      Parameters:
      tweak - The tweak used for the decryption
      in - The encrypted value
      format - The output format, where the # characters get decrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. Note that only the last 4 numbers can be plain text, so only "###-##-####" and "###-##-????" are acceptable formats (with or without the hyphen delimiters).
      Returns:
      Original plain SSN
      Throws:
      java.lang.SecurityException - In case of decryption error