FPEFormatEncryption
This API encrypts data using FPE while preserving format of plaintext.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/fpeFormat/encrypt
Input Parameters
| Parameters | Description |
|---|---|
| userName | User name. |
| password | Password associated with the user. |
| format | The format in which some part of input data is to be kept intact, that is, the selected part of the input data is not encrypted Valid values are: — LAST_FOUR — FIRST_SIX — FIRST_SIX_LAST_FOUR — FIRST_TWO_LAST_FOUR — NONE |
| keyName | Name of the key. |
| transformation | Transformation to be used. It overrides the standard padding. |
| data | Data to be encrypted. |
| tweakData | Optional, If tweak data algorithm is "None" or absent, the value must be HEX encoded string representing 64 bit long (hence HEX encoding will consume 16 characters). Tweak data is mandatory if Tweak Algo is given, else it is optional. |
| tweakAlgo | Optional, default is none. |
| certAlias | Client certificate alias for making SSL connections (optional). |
| certPassword | Password for the provided certificate alias (optional). |
Note
In case if tweak data algorithm represents any valid algorithm, the tweak data value can be any ASCII string (not necessarily HEX). Tweak Data is first processed using Tweak Hash Algorithm and the result is truncated to 64 bits for input to the FPE algorithm.
Sample REST call for cxf
request
{
"FPEFormatEncryptionRequest": {
"userName": "cryptouser",
"password": "safenet@123",
"format": "last_four",
"keyName": "AESKey",
"transformation": "FPE/AES/CARD10",
"plainText": "713-456",
"tweakData": "hello",
"tweakAlgo": "SHA1",
}
}
response
{
"FPEFormatEncryptionResponse": {
"encryptedData": "163-456"
}
}
