Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Session Oriented APIS

Session_FPEFormatEncryption

search

Please Note:

Session_FPEFormatEncryption

This API encrypts data using FPE while preserving format of plaintext.

URL

./Session_FPEFormatEncryption

Input Parameters

ParametersDescription
formatThe format in which some part of input data is to be kept intact, that is, the selected part of the input data is not encrypted
Valid values are:
— LAST_FOUR
— FIRST_SIX
— FIRST_SIX_LAST_FOUR
— FIRST_TWO_LAST_FOUR
— NONE
— CUSTOM

The CUSTOM format allows you to choose the starting and the ending characters to be preserved. This format uses the following fields:
numberOfElementsFromStart - enter the number of starting characters to be preserved.
numberOfElementsBeforeEnd - enter the number of ending characters to be preserved.


For FPE/AES, the aforementioned formats are only supported with CARD10.

keyNameName of the key.
charsetCharset range on which cryptographic operation is to be performed. This parameter is only required with Unicode.
Multiple ranges separated by comma are allowed. For example, to specify Greek and digit range, use the following format: 0E00-0E7F, 0030-0039.
transformationTransformation to be used. It overrides the standard padding. Supported options are:
— FPE/XXX/CARD10
— FPE/XXX/CARD26
— FPE/XXX/CARD62
— FPE/XXX/UNICODE

Here, XXX can be AES, FF1, FF1v2, FF3, or FF3-1.

keyivThis parameter is only applicable for FPE/AES transformation.
FPE/AES/CARD10: a 56 bytes IV when data size is >56 bytes.
FPE/AES/CARD26: a 40 bytes IV when data size is >40 bytes.
FPE/AES/CARD62: a 32 bytes IV when data size is >32 bytes.
FPE/AES/UNICODE: When cardinality is y, a x characters IV is used when data size is >x characters.
Here, y is the number of characters in the unicode character set file, and corresponding value of x is derived using the following formula:
double lg = Math.log10(Math.pow((double)2,(double)96))/Math.log10((double)CharacterSet_size);
double block_len = 2 * Math.floor(lg);
The table with cardinality and corresponding IV value based on the above formula is provided in here.

If data size is less than lg and you want to skip IV, set ignoreIv to true.

dataData to be encrypted.
tweakDataOptional, If tweak data algorithm is "None" or absent, the value must be HEX encoded string representing 64 bit long (hence HEX encoding will consume 16 characters). Tweak data is mandatory if Tweak Algo is given, else it is optional.
tweakAlgoDefault is none (optional).
encodingEncoding method to be used. Currently, only UTF-8 is supported.

Sample SOAP Parameters

<prot:Session_FPEFormatEncryption>
    <format>LAST_FOUR</format>
    <keyName>cryptokey</keyName>
    <transformation>FPE/AES/CARD10</transformation>
    <data>713-456</data>
    <!--Optional:-->
    <tweakData>hello</tweakData>
    <!--Optional:-->
    <tweakAlgo>SHA1</tweakAlgo>
    <!--Optional:-->
    <charset>?</charset>
    <!--Optional:-->
    <keyiv>?</keyiv>
    <!--Optional:-->
    <numberOfElementsFromStart>?</numberOfElementsFromStart>
    <!--Optional:-->
    <numberOfElementsBeforeEnd>?</numberOfElementsBeforeEnd>
    <!--Optional:-->
    <encoding>UTF-8</encoding>
</prot:Session_FPEFormatEncryption>

Output

Encrypted data with last four characters preserved.

<ns2:Session_FPEFormatEncryptResponse xmlns:ns2="http://dsws.org/protectappws/">163-456</ns2:Session_ FPEFormatEncryptResponse>

On this page