Reveal Data
Overview
This API decrypts the encrypted text and returns the output as byte array to the user based on the reveal format defined in the access policy. The protection and access policies will be fetched from CipherTrust Manager once the reveal API is called.
Note
If data is already encrypted with a protection policy, ensure to decrypt the data with the same protection policy.
Prerequisites
- CipherTrust Manager must be up and running. Refer to CipherTrust Manager Deployment for details. 
- CADP for Java must be up and running and the client must be registered. Refer to the Quick Start section for details. 
- Access Policy must be created. Refer to Creating Access Policy for details. 
- Protection policy must be created. Refer to Creating Protection Policy for details. 
Request
| Argument | Description | 
|---|---|
| cipherTextDataObject | Object of CipherTextDatawhich holds the response of protect API. | 
| protectionPolicyName | Protection policy to be used during the reveal operation. | 
| userName | Name of the user for whom data will be revealed. The reveal format depends on the access policy. If username is null, blank, or not part of user set, the default reveal format will be used. | 
The following code snippet shows how to reveal data.
    byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, protectionPolicyName,userName);
Response
The reveal API returns the byte[]. 
Examples
Reveal data as ciphertext using internal versioning protection policy
- Protection Policy: Internal protection policy, named - internal-pp
- CipherTextData to be revealed: cipherTextDataObject (1001000GZhPph2dD3qJCrC9x2S7C2g) 
- UserName: user1 
- Reveal format: Ciphertext 
Request
    byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "internal-pp","user1");
Response
System.out.println("Revealed Data: " + new String(revealedData));
In response, CipherTextData (1001000GZhPph2dD3qJCrC9x2S7C2g) is returned to user1.
Reveal data as plaintext using external versioning protection policy
- Protection Policy: External protection policy, named - external-pp
- CipherTextData to be revealed: cipherTextDataObject (GZhPph2dD3qJCrC9x2S7C2g) 
- UserName: user2 
- Reveal format: Plaintext 
Request
byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "external-pp","user1");
Response
System.out.println("revealedData: " + new String(revealedData));
In response, Plaintext (1AX2345678vW12345678Pg5) is returned to user2.
The reveal operation reads the version header (1001000) details using the cipherTextDataObject.getVersion() method.
Reveal data as error replacement value using disabled versioning protection policy
Sample 1: Revealing data as null
- Protection Policy: Disabled protection policy, named - disabled-pp
- CipherTextData to be revealed: cipherTextDataObject ( - GZhPph2dD3qJCrC9x2S7C2g)
- UserName: user3 
- Reveal format: Error Replacement Value (null) 
Request
byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "disabled-pp","user3");
Response
System.out.println("revealedData: " + revealedData);
In response, error replacement value (null) is returned to user3.
Sample 2: Revealing data as custom error replacement value
- Protection Policy: Disabled protection policy, named - disabled-pp
- CipherTextData to be revealed: cipherTextDataObject ( - GZhPph2dD3qJCrC9x2S7C2g)
- UserName: user4 
- Reveal format: Custom error replacement value (000000) 
Request
byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "disabled-pp","user4");
Response
System.out.println("revealedData: " + new String(revealedData));
In response, custom error replacement value (000000) is returned to user4.
Reveal data as masked value using external versioning protection policy
- Operation: Reveal 
- Protection Policy: External protection policy, named - external-pp
- CipherTextData to be revealed: cipherTextDataObject ( - GZhPph2dD3qJCrC9x2S7C2g)
- UserName: user2 
- Dynamic masking format: SHOW_FIRST_TWO_LAST_FOUR 
- Reveal format: Masked value 
Request
byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "external-pp","user2");
Response
System.out.println("revealedData: " + new String(revealedData));
The reveal operation will read the version header using the cipherTextDataObject.getVersion() method. In response, masked value (Doxxxxxxxxxxs0Oe) is returned to user2.
Reveal small input value
- Protection Policy: Internal protection policy, named - internal-pp
- CipherTextData to be revealed: cipherTextDataObject (1001000CC-1) 
- UserName: user1 
- Reveal format: Ciphertext 
Request
    byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "internal-pp","user1");
Response
System.out.println("Revealed Data: " + new String(revealedData));
In response, CipherTextData (1) is returned to user1.
Reveal data as default format
Data is revealed as default format in the following scenarios:
- When username is not part of any user set. 
- When null is passed as username. 
- When empty string ("") is passed as username. 
Following are the samples where default reveal format is used:
    byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "protectionPolicyName","userName");// here, username is not part of any user set.
    Or
    byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "protectionPolicyName","null");//here, null is passed as UserName in the API call.
    Or
    byte[] revealedData = CryptoManager.reveal(cipherTextDataObject, "protectionPolicyName","");//here empty string is passed in the API call.
Reference
The compiled sample for reveal is available on Github.