Class SDESessionKey

java.lang.Object
com.dyadicsec.advapi.SDESessionKey

public class SDESessionKey
extends java.lang.Object
This class includes methods for application-level encryption using a derived data encryption key (DEK). See Application-Level Encryption in the UKC Developers Guide for more information.
  • Method Summary

    Modifier and Type Method Description
    java.lang.String decryptCreditCard​(java.lang.String in)
    Decrypt a credit card number, where the encrypted value is also a credit card number
    java.lang.String decryptCreditCard​(java.lang.String in, java.lang.String format)
    Decrypt a credit card number, where the encrypted value is also a credit card number
    java.lang.String decryptEMailAddress​(java.lang.String in)
    Decrypt an encrypted email address, where the encrypted value is also an email address.
    int decryptOrderPreserving​(long encData)
    Decrypt an integer value encrypted with order preserving encryption
    java.lang.String decryptOrderPreserving​(java.lang.String encDataStr)
    Decrypt a string value encrypted with order preserving encryption
    java.sql.Timestamp decryptOrderPreservingTS​(java.lang.String encDataStr)
    Decrypt a Timestamp value encrypted with order preserving encryption
    java.lang.String decryptSSN​(java.lang.String in, java.lang.String format)
    Decrypt an encrypted SSN, where the encrypted value is also an SSN
    boolean decryptTypePreserving​(boolean encData)
    Decrypt an encrypted boolean value
    byte[] decryptTypePreserving​(byte[] in)
    Decrypt a byte array
    double decryptTypePreserving​(double encData)
    Decrypt an encrypted double value
    float decryptTypePreserving​(float encData)
    Decrypt an encrypted float value
    int decryptTypePreserving​(int encData)
    Decrypt an encrypted integer value
    long decryptTypePreserving​(long encData)
    Decrypt an encrypted long value
    short decryptTypePreserving​(short encData)
    Decrypt an encrypted short value
    java.lang.String decryptTypePreserving​(java.lang.String in, boolean BMPOnly)
    Decrypt a string value
    java.math.BigDecimal decryptTypePreserving​(java.math.BigDecimal encData)
    Decrypt an encrypted BigDecimal value
    java.sql.Blob decryptTypePreserving​(java.sql.Blob encData)
    Decrypt an encrypted Blob value
    java.sql.Clob decryptTypePreserving​(java.sql.Clob encData)
    Decrypt an encrypted Clob value
    java.sql.Date decryptTypePreserving​(java.sql.Date enc)
    Decrypt an encrypted Date value
    java.sql.Time decryptTypePreserving​(java.sql.Time time)
    Decrypt an encrypted Time value
    java.sql.Timestamp decryptTypePreserving​(java.sql.Timestamp encData)
    Decrypt an encrypted Timestamp value
    java.lang.String decryptUSPhone​(java.lang.String in, java.lang.String format)
    Decrypt an encrypted US phone number, where the encrypted value is also a US phone number
    void destroy()  
    java.lang.String encryptCreditCard​(java.lang.String in)
    Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number.
    java.lang.String encryptCreditCard​(java.lang.String in, java.lang.String format)
    Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number.
    java.lang.String encryptEMailAddress​(java.lang.String in, int maxLen)
    Encrypt an email address in format preserving form, where the encrypted value is also a legitimate email address.
    It can contain these characters: A-Z, a-z, 0-9, .!#$%&*+-/={|}~(),:;<>[]
    It must contain an @ as a separator and cannot contain spaces.
    long encryptOrderPreserving​(int data)
    Encrypt an integer value in order preserving form, encrypted value is of type long
    long encryptOrderPreserving​(short data)
    Encrypt a short value in order preserving form, where the return value is of type long
    java.lang.String encryptOrderPreserving​(java.lang.String data, int size)
    Encrypt a string value in order preserving form
    java.lang.String encryptOrderPreserving​(java.sql.Timestamp data)
    Encrypt a Timestamp value in order preserving form, encrypted value is of string type
    byte[] encryptPRF​(byte[] in)
    Creates a unique searchable token from a byte array
    java.lang.String encryptPRF​(java.lang.String data)
    Creates a unique searchable token from a byte array
    java.lang.String encryptSSN​(java.lang.String in, java.lang.String format)
    Encrypt an SSN in format preserving form, where the encrypted value is also a legitimate SSN.

    The SSN can be all numbers except:
    - Numbers with all zeros in any digit group (000-##-####, ###-00-####, ###-##-0000).
    - Numbers with 666 or 900-999 (Individual Taxpayer Identification Number) in the first digit group.
    boolean encryptTypePreserving​(boolean data)
    Encrypt a boolean value
    byte[] encryptTypePreserving​(byte[] in)
    Encrypt a byte array
    double encryptTypePreserving​(double data)
    Encrypt a double value
    float encryptTypePreserving​(float data)
    Encrypt a float value
    int encryptTypePreserving​(int data)
    Encrypt an integer value
    long encryptTypePreserving​(long data)
    Encrypt a long value
    short encryptTypePreserving​(short data)
    Encrypt a short value
    java.lang.String encryptTypePreserving​(java.lang.String in, boolean BMPOnly)
    Encrypt a string value.
    java.math.BigDecimal encryptTypePreserving​(java.math.BigDecimal data)
    Encrypt a BigDecimal value
    java.sql.Blob encryptTypePreserving​(java.sql.Blob data)
    Encrypt a Blob value
    java.sql.Clob encryptTypePreserving​(java.sql.Clob data)
    Encrypt a Clob value
    java.sql.Date encryptTypePreserving​(java.sql.Date plain)
    Encrypt a Date value
    java.sql.Time encryptTypePreserving​(java.sql.Time time)
    Encrypt a Time value
    java.sql.Timestamp encryptTypePreserving​(java.sql.Timestamp data)
    Encrypt a Timestamp value
    java.lang.String encryptUSPhone​(java.lang.String in, java.lang.String format)
    Encrypt a US phone number in format preserving form, where the encrypted value is also a legitimate US phone number.
    The number is 10 digits.
    protected void finalize()  
    byte[] getKeyMaterial()  
    SDEKey getSDEKey()
    Get the SDEKey used to derive this data encryption key

    Methods inherited from class java.lang.Object

    clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • finalize

      protected void finalize()
      Overrides:
      finalize in class java.lang.Object
    • destroy

      public void destroy()
    • getKeyMaterial

      public byte[] getKeyMaterial()
    • getSDEKey

      public SDEKey getSDEKey()
      Get the SDEKey used to derive this data encryption key
      Returns:
      The SDEKey used for this data encryption key derivation
    • encryptPRF

      public byte[] encryptPRF​(byte[] in) throws java.lang.SecurityException
      Creates a unique searchable token from a byte array
      Parameters:
      in - The input data
      Returns:
      Searchable token of size 16 bytes
      Throws:
      java.lang.SecurityException - In case of encryption error
    • encryptPRF

      public java.lang.String encryptPRF​(java.lang.String data) throws java.lang.SecurityException
      Creates a unique searchable token from a byte array
      Parameters:
      data - The input data
      Returns:
      Searchable token of size 16 bytes
      Throws:
      java.lang.SecurityException - In case of encryption error
    • encryptTypePreserving

      public byte[] encryptTypePreserving​(byte[] in) throws java.lang.SecurityException
      Encrypt a byte array
      Parameters:
      in - The data to encrypt, where the length of the array should be even or at least 16 bytes
      Returns:
      The encrypted value, where the size of the encrypted data equals the size of the input
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public byte[] decryptTypePreserving​(byte[] in) throws java.lang.SecurityException
      Decrypt a byte array
      Parameters:
      in - The encrypted data
      Returns:
      Decrypted byte array
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.lang.String encryptTypePreserving​(java.lang.String in, boolean BMPOnly) throws java.lang.SecurityException
      Encrypt a string value. The string must be Unicode (as defined by ISO/IEC 10646).
      Parameters:
      in - The data to encrypt
      BMPOnly - Determines if the plain and cipher text includes only Unicode Basic Multilingual Plane (BMP) codes or all Unicode planes. BMP should be suitable for most of the use cases and has a more compact byte representation. Set to false if the full set of Unicode codes is required. For more information on Unicode planes, see https://en.wikipedia.org/wiki/Plane_(Unicode)
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.lang.String decryptTypePreserving​(java.lang.String in, boolean BMPOnly) throws java.lang.SecurityException
      Decrypt a string value
      Parameters:
      in - The data to decrypt
      BMPOnly - Determines if the plain and cipher text includes only Unicode Basic Multilingual Plane (BMP) codes or all Unicode planes. BMP should be suitable for most of the use cases and has a more compact byte representation. Set to false if the full set of Unicode codes is required. For more information on Unicode planes, see https://en.wikipedia.org/wiki/Plane_(Unicode)
      Returns:
      Plain value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • encryptOrderPreserving

      public java.lang.String encryptOrderPreserving​(java.lang.String data, int size) throws java.lang.SecurityException
      Encrypt a string value in order preserving form
      Parameters:
      data - The data to encrypt
      size - Maximum size of values that should be compared with this value
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptOrderPreserving

      public java.lang.String decryptOrderPreserving​(java.lang.String encDataStr) throws java.lang.SecurityException
      Decrypt a string value encrypted with order preserving encryption
      Parameters:
      encDataStr - The encrypted value
      Returns:
      String value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public long encryptTypePreserving​(long data) throws java.lang.SecurityException
      Encrypt a long value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public long decryptTypePreserving​(long encData) throws java.lang.SecurityException
      Decrypt an encrypted long value
      Parameters:
      encData - The encrypted value
      Returns:
      long value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public int encryptTypePreserving​(int data) throws java.lang.SecurityException
      Encrypt an integer value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public int decryptTypePreserving​(int encData) throws java.lang.SecurityException
      Decrypt an encrypted integer value
      Parameters:
      encData - The encrypted value
      Returns:
      long value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptOrderPreserving

      public long encryptOrderPreserving​(int data) throws java.lang.SecurityException
      Encrypt an integer value in order preserving form, encrypted value is of type long
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptOrderPreserving

      public int decryptOrderPreserving​(long encData) throws java.lang.SecurityException
      Decrypt an integer value encrypted with order preserving encryption
      Parameters:
      encData - The encrypted value
      Returns:
      Integer value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public short encryptTypePreserving​(short data) throws java.lang.SecurityException
      Encrypt a short value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public short decryptTypePreserving​(short encData) throws java.lang.SecurityException
      Decrypt an encrypted short value
      Parameters:
      encData - The encrypted value
      Returns:
      String value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptOrderPreserving

      public long encryptOrderPreserving​(short data) throws java.lang.SecurityException
      Encrypt a short value in order preserving form, where the return value is of type long
      Parameters:
      data - The value to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • encryptTypePreserving

      public float encryptTypePreserving​(float data) throws java.lang.SecurityException
      Encrypt a float value
      Parameters:
      data - The value to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public float decryptTypePreserving​(float encData) throws java.lang.SecurityException
      Decrypt an encrypted float value
      Parameters:
      encData - The encrypted value
      Returns:
      Float value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public double encryptTypePreserving​(double data) throws java.lang.SecurityException
      Encrypt a double value
      Parameters:
      data - The value to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public double decryptTypePreserving​(double encData) throws java.lang.SecurityException
      Decrypt an encrypted double value
      Parameters:
      encData - The encrypted value
      Returns:
      Double value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.sql.Date encryptTypePreserving​(java.sql.Date plain) throws java.lang.SecurityException
      Encrypt a Date value
      Parameters:
      plain - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.sql.Date decryptTypePreserving​(java.sql.Date enc) throws java.lang.SecurityException
      Decrypt an encrypted Date value
      Parameters:
      enc - The encrypted value
      Returns:
      Date value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.sql.Time encryptTypePreserving​(java.sql.Time time) throws java.lang.SecurityException
      Encrypt a Time value
      Parameters:
      time - The time to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.sql.Time decryptTypePreserving​(java.sql.Time time) throws java.lang.SecurityException
      Decrypt an encrypted Time value
      Parameters:
      time - The encrypted value
      Returns:
      Time value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.sql.Timestamp encryptTypePreserving​(java.sql.Timestamp data) throws java.lang.SecurityException
      Encrypt a Timestamp value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.sql.Timestamp decryptTypePreserving​(java.sql.Timestamp encData) throws java.lang.SecurityException
      Decrypt an encrypted Timestamp value
      Parameters:
      encData - The encrypted value
      Returns:
      Timestamp value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptOrderPreserving

      public java.lang.String encryptOrderPreserving​(java.sql.Timestamp data) throws java.lang.SecurityException
      Encrypt a Timestamp value in order preserving form, encrypted value is of string type
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptOrderPreservingTS

      public java.sql.Timestamp decryptOrderPreservingTS​(java.lang.String encDataStr) throws java.lang.SecurityException
      Decrypt a Timestamp value encrypted with order preserving encryption
      Parameters:
      encDataStr - The encrypted value
      Returns:
      Timestamp value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public boolean encryptTypePreserving​(boolean data) throws java.lang.SecurityException
      Encrypt a boolean value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public boolean decryptTypePreserving​(boolean encData) throws java.lang.SecurityException
      Decrypt an encrypted boolean value
      Parameters:
      encData - The encrypted value
      Returns:
      Boolean value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.sql.Blob encryptTypePreserving​(java.sql.Blob data) throws java.lang.SecurityException
      Encrypt a Blob value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.sql.Blob decryptTypePreserving​(java.sql.Blob encData) throws java.lang.SecurityException
      Decrypt an encrypted Blob value
      Parameters:
      encData - The encrypted value
      Returns:
      Blob value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.sql.Clob encryptTypePreserving​(java.sql.Clob data) throws java.lang.SecurityException
      Encrypt a Clob value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.sql.Clob decryptTypePreserving​(java.sql.Clob encData) throws java.lang.SecurityException
      Decrypt an encrypted Clob value
      Parameters:
      encData - The encrypted value
      Returns:
      Clob value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptTypePreserving

      public java.math.BigDecimal encryptTypePreserving​(java.math.BigDecimal data) throws java.lang.SecurityException
      Encrypt a BigDecimal value
      Parameters:
      data - The data to encrypt
      Returns:
      Encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptTypePreserving

      public java.math.BigDecimal decryptTypePreserving​(java.math.BigDecimal encData) throws java.lang.SecurityException
      Decrypt an encrypted BigDecimal value
      Parameters:
      encData - The encrypted value
      Returns:
      BigDecimal value in plain
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptEMailAddress

      public java.lang.String encryptEMailAddress​(java.lang.String in, int maxLen) throws java.lang.SecurityException
      Encrypt an email address in format preserving form, where the encrypted value is also a legitimate email address.
      It can contain these characters: A-Z, a-z, 0-9, .!#$%&*+-/={|}~(),:;<>[]
      It must contain an @ as a separator and cannot contain spaces.
      Parameters:
      in - Email address to encrypt
      maxLen - Maximum size of all email addresses encrypted
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptEMailAddress

      public java.lang.String decryptEMailAddress​(java.lang.String in) throws java.lang.SecurityException
      Decrypt an encrypted email address, where the encrypted value is also an email address.
      Parameters:
      in - The encrypted value
      Returns:
      Original plain email address
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptCreditCard

      public java.lang.String encryptCreditCard​(java.lang.String in) throws java.lang.SecurityException
      Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number. Encryption uses a Luhn algorithm to verify valid credit card numbers.
      Parameters:
      in - Credit card number to encrypt
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • encryptCreditCard

      public java.lang.String encryptCreditCard​(java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Encrypt a credit card number in format preserving form, where the encrypted value is also a legitimate credit card number. Encryption uses a Luhn algorithm to verify valid credit card numbers.
      Parameters:
      in - Credit card number to encrypt
      format - The credit card number, where the # characters get encrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. For example, for "????-####-####-####", the first 4 numbers are plain and the rest of the credit card number is encrypted.
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptCreditCard

      public java.lang.String decryptCreditCard​(java.lang.String in) throws java.lang.SecurityException
      Decrypt a credit card number, where the encrypted value is also a credit card number
      Parameters:
      in - The encrypted value
      Returns:
      Original plain credit card
      Throws:
      java.lang.SecurityException - In case of decryption error
    • decryptCreditCard

      public java.lang.String decryptCreditCard​(java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Decrypt a credit card number, where the encrypted value is also a credit card number
      Parameters:
      in - The encrypted value
      format - The credit card number, where the # characters get decrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. For example, for "????-####-####-####", the first 4 numbers are plain and the rest of the credit card number is decrypted.
      Returns:
      Original plain credit card
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptUSPhone

      public java.lang.String encryptUSPhone​(java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Encrypt a US phone number in format preserving form, where the encrypted value is also a legitimate US phone number.
      The number is 10 digits. Any non-digits, such as hyphens, are passed as-is. It is validated by checking the format aaa-bcc-dddd, where aaa > 200, b >= 2, and cc is not 11.
      Parameters:
      in - Phone number to encrypt
      format - The output format, where the # characters get encrypted and other characters are passed as-is to the output. For example, the format could be "###-###-####".
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptUSPhone

      public java.lang.String decryptUSPhone​(java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Decrypt an encrypted US phone number, where the encrypted value is also a US phone number
      Parameters:
      in - The encrypted value
      format - The output format, where the # characters get decrypted and other characters are passed as-is to the output. For example, the format could be "###-###-####".
      Returns:
      Original plain US phone number
      Throws:
      java.lang.SecurityException - In case of decryption error
    • encryptSSN

      public java.lang.String encryptSSN​(java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Encrypt an SSN in format preserving form, where the encrypted value is also a legitimate SSN.

      The SSN can be all numbers except:
      - Numbers with all zeros in any digit group (000-##-####, ###-00-####, ###-##-0000).
      - Numbers with 666 or 900-999 (Individual Taxpayer Identification Number) in the first digit group.
      Parameters:
      in - SSN to encrypt
      format - The output format, where the # characters get encrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. Note that only the last 4 numbers can be plain text, so only "###-##-####" and "###-##-????" are acceptable formats (with or without the hyphen delimiters).
      Returns:
      The encrypted value
      Throws:
      java.lang.SecurityException - In case of encryption error
    • decryptSSN

      public java.lang.String decryptSSN​(java.lang.String in, java.lang.String format) throws java.lang.SecurityException
      Decrypt an encrypted SSN, where the encrypted value is also an SSN
      Parameters:
      in - The encrypted value
      format - The output format, where the # characters get decrypted, the ? characters are passed as plain text, and other characters are passed as-is to the output. Note that only the last 4 numbers can be plain text, so only "###-##-####" and "###-##-????" are acceptable formats (with or without the hyphen delimiters).
      Returns:
      Original plain SSN
      Throws:
      java.lang.SecurityException - In case of decryption error
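
The input rules stated above for encryptCreditCard, encryptUSPhone and encryptSSN, together with the #/? format masks, written out as a stand-alone pre-check that also shows which characters a mask leaves readable in the stored value. This is an added example, not part of the UKC API or its documentation: the class FpeInputCheck, its method names and the sample values are hypothetical and constructed, and it assumes the format mask is aligned character for character with the input.

```java
/** Added example, not part of the UKC API. Class and method names are hypothetical. */
public class FpeInputCheck {

    /** Keep only the ASCII digits; delimiters such as hyphens are dropped. */
    static String digits(String s) {
        return s.replaceAll("[^0-9]", "");
    }

    /** Luhn checksum, which the page says is used to verify credit card numbers. */
    static boolean luhnValid(String pan) {
        String d = digits(pan);
        if (d.isEmpty()) return false;
        int sum = 0;
        boolean doubleIt = false;
        for (int i = d.length() - 1; i >= 0; i--) {
            int v = d.charAt(i) - '0';
            if (doubleIt) {
                v *= 2;
                if (v > 9) v -= 9;
            }
            sum += v;
            doubleIt = !doubleIt;
        }
        return sum % 10 == 0;
    }

    /** Page rule: 10 digits as aaa-bcc-dddd, with aaa > 200, b >= 2 and cc not 11. */
    static boolean usPhoneValid(String phone) {
        String d = digits(phone);
        if (d.length() != 10) return false;
        int aaa = Integer.parseInt(d.substring(0, 3));
        int b = d.charAt(3) - '0';
        return aaa > 200 && b >= 2 && !d.substring(4, 6).equals("11");
    }

    /** Page rule: no all-zero digit group; first group is not 666 and not 900-999. */
    static boolean ssnValid(String ssn) {
        String d = digits(ssn);
        if (d.length() != 9) return false;
        int area = Integer.parseInt(d.substring(0, 3));
        int group = Integer.parseInt(d.substring(3, 5));
        int serial = Integer.parseInt(d.substring(5));
        return area != 0 && group != 0 && serial != 0 && area != 666 && area < 900;
    }

    /** Page rule: only the last 4 SSN digits may be '?' (hyphens optional). */
    static boolean ssnFormatValid(String format) {
        String mask = format.replace("-", "");
        return mask.equals("#########") || mask.equals("#####????");
    }

    /**
     * Shows which characters a format mask leaves readable: '#' positions are
     * encrypted (shown as '*'), '?' and delimiter positions pass through.
     * Assumption: value and mask are aligned character for character.
     */
    static String exposedView(String value, String format) {
        if (value.length() != format.length()) {
            throw new IllegalArgumentException("value and format differ in length");
        }
        StringBuilder out = new StringBuilder();
        for (int i = 0; i < format.length(); i++) {
            out.append(format.charAt(i) == '#' ? '*' : value.charAt(i));
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample values, not real card, phone or SSN data.
        System.out.println(luhnValid("4111-1111-1111-1111"));
        System.out.println(exposedView("4111-1111-1111-1111", "????-####-####-####"));
        System.out.println(usPhoneValid("212-555-0187"));
        System.out.println(usPhoneValid("200-555-0187")); // aaa is not > 200
        System.out.println(usPhoneValid("212-511-0187")); // cc is 11
        System.out.println(ssnValid("123-45-6789"));
        System.out.println(ssnValid("666-45-6789"));      // first group is 666
        System.out.println(ssnValid("123-00-6789"));      // all-zero digit group
        System.out.println(ssnFormatValid("###-##-????"));
        System.out.println(ssnFormatValid("???-##-####")); // leading digits cannot be plain
    }
}
```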