Reference: Formats, Algorithms, and Scopes
These are allowable combinations of encryption input data formats, the supported algorithms for those formats, and the scope of the data that is encrypted.
The combinations are subdivided into groups based on the underlying API:
- Privacera API
- Bouncy Castle API
Other Schemes Now Deprecated#
The schemes listed here are the only supported certified schemes.
All other schemes not listed here are deprecated, although they are listed in the Privacera Platform UI.
Numeric formats with FPE algorithm: input must be string#
For a scheme with Numeric format type and FPE algorithm, the numeric data on the calls to /protect
and /unprotect
must be a string.
To preserve the format and length, the encrypted output must also be stored as a string.
Example: Encrypting a number via FPE like 123456
might result in output like 027931
.
To preserve the format and length the 0 prefix needs to be retained.
Storing this result in string format ensures that future decryption/encryption functions correctly.
Privacera API#
The following combinations can be used with the Privacera API.
The request and response examples show the datalist
JSON element with the Privacera Encryption REST API /protect endpoint.
Format: Alphanumeric#
- Algorithm: Alphanumeric, Scope: All
Example
- Request:
"datalist": [
[
"TUCSON AZ 85705,USA",
"testdata115",
"105 Sikes Hall, Clemson, SC 29634, USA",
"177A Bleecker Street",
null
]
]
- Response:
"datalist": [
[
"hGL8f5ycfDDrxguRRZhDTPINOfHZmlxik5bW2xz9Mbg=",
"7GEWk9XuIigzkTczc9Ntzg==",
"9e6obWu6mh9vK2xkEcFvOeXSYwve2Ws9jQ1AEBVxc3zj5lFGNcBPxxLpgyyZin0u",
"MDtays2tyyOv5egH+OXbk9UqL2RDTZRhqNYxaEULsjs=",
null
]
]
Format: ASCII#
7-bit ASCII character set, excluding control characters.
- Algorithm: FPE, Scope: All
Example
- Request:
"datalist": [
[
"testvalue123",
"This is a sample text",
"This is sample 123 alphanumeric text 123.",
"123456789098765",
"123!@#R)(*&^4567JHG",
null
]
]
- Response:
"datalist": [
[
"[pa&xA_)1qs=",
"?xUs.H';NIy>BJ0@y9{qq",
"o/|R7&k)d>dmp^Am}.%-F]_Ym7c]@B~Xm)eOB+=w*",
"/apLBEweK)?| *t",
"{lD+U%cMLKM]k+`lt}.",
null
]
],
Format: CC#
Credit card. Numeric from 14 to 19 digits. Hyphens and spaces allowed.
- Algorithm: FPE, Scope: All
- Algorithm: FPE, Scope: First 4 digits
- Algorithm: FPE, Scope: Last 4 digits
Example of FPE, All
-
Request:
"datalist": [ [ "236864479139819", "160201209940524", "41228020889831", "7529274609013685", null, "6536921047107462", "4766530513049409" ] ]
-
Response:
"datalist": [ [ "524312768689370", "535332579591178", "79759512315352", "1072002057261056", null, "3907516129227718", "6712017221140690" ] ]
Formats: DATE and Date_DD_MM#
- Algorithm: FPE, Scope: All
For details on allowable formats, see Date Input Formats and Ranges
Example
-
Request:
"datalist": [ [ "16/12/3352", "09/02/3508", "16-12-3352", "21-03-3421", "19/12/3224 21:01:24:202", null ] ]
-
Response:
"datalist": [ [ "16/12/3352", "09/02/3508", "16-12-3352", "21-03-3421", "12/07/3871 20:44:36:480", null ] ]
Format: Driver License#
- Algorithm: FPE, Scope: All
Example
-
Request:
"datalist": [ [ "A123456789012", "12345678X", null, "123456789", "m1234567", "12345678123456789", "123456789", null, "113654424", "999000680", "B13654424", "G544-061-73-925-0", "AA123456Z", null ] ]
-
Response:
"datalist": [ [ "09HnovI2QR9jw", "pIJijAhlj", null, "pnZaDghd0", "ICSdAHiD", "92SRB3QE5S6TunSRA", "pnZaDghd0", null, "J1XT5UuBq", "SHdt78Two", "PMGoghnkh", "rusP-R4U-EG-nVV-r", "YslNiR2As", null ] ]
Format: Email#
Must include @ sign.
- Algorithm: FPE, Scope: All
- Algorithm: FPE, Scope: masked username
- Algorithm: FPE, Scope: masked domain
Example of FPE, All
-
Request:
"datalist": [ [ "test@domain.com", "lastname@domain.com", "test.email.with+symbol@domain.com", "id-with-dash@domain.com", "example-abc@abc-domain.com", "admin@mailserver1", "#!$%&'*+-/=?^_{}|~@domain.org", "example@localhost", "example@s.solutions", "test@com", "test@localserver", null ] ]
-
Response:
"datalist": [ [ "T~oi@GaRxEU.ZFq", "R82`Rs7E@GaRxEU.ZFq", "s%x{.&FEi!.qPEjpST2gK#@GaRxEU.ZFq", "t+g_4s+Vn_?7@GaRxEU.ZFq", "bPVRw9_x_J`@DmF-AyWNGj.gxA", "BnAIk@lhGbMXvogj1", "GZhp3&iMy^X|0Jij%s@WCXdsf.BYi", "vUnO=Fb@IWyJfKkFW", "vUnO=Fb@X.wpkHRwTbu", "T~oi@nZF", "T~oi@EfwTCYFFfgu", null ] ]
Format: FPE_ALPHA_NUMERIC#
- Algorithm: Alphanumeric, Scope: All
- Algorithm: FPE, Scope: All
- Algorithm: Standard, Scope: All
- Algorithm: Standard 256-bit, Scope: All
Example of FPE, All
-
Request:
"datalist": [ [ "Acc965121354", "testdata123samplevalue", "sample value 2nd instance", "221, baker street", null ] ]
-
Response:
"datalist": [ [ "4eOPie2yXN1f", "SsGfMkh12uH1ndQnsDaa1V", "j8pHr5 CdFLR LUc 0zw1ZuhK", "om5, KUR9R bBjjd2", null ] ]
Format: HASHING#
Same as ASCII. These are one-way hashes.
- Algorithm: SHA-256, Scope: All
- Algorithm: SHA-512, Scope: All
Example of SHA-256, All
-
Request:
"datalist": [ [ "8743b52063cd84097a65d1633f5c74f5", "hashvalue115", "Test123Text", null ] ]
-
Response:
"datalist": [ [ "74ee1fae245edd6f27bf36efc3604942479fceefbadab5dc5c0b538c196eb0f1", "492c94273948d5140dcfef60b15a99b9c2cd5e730a5d40d2991548255825d473", "c9ecc7cecff05b064da8a89befa266e84da87409a7d8624ec15252affb70d732", null ] ]
Format: Host/Domain#
Internet standard domain name, or portion thereof, with periods.
- Algorithm: FPE, Scope: All
Example
-
Request:
"datalist": [ [ "cornell.edu", "www.google.com", "en.wikipedia.org", ".com", "www.privacera.com", "www.privacera.com", ".edu", "10.211.95.191", null ] ]
-
Response:
"datalist": [ [ "uf8T8tY.u54", "1Wr.f6NCmk.M9m", "fj.dbwLIn9DR.BfV", ".qCB", "XGY.GPRNgo1Wo.x7t", "XGY.GPRNgo1Wo.x7t", ".B56", "y4.VTB.Uh.V2H", null ] ]
Format: IP#
Internet Protocol v4 or v6 standard address
- Algorithm: FPE, Scope: All
Example
-
Request:
"datalist": [ [ null, "10.211.95.191", "ABCD:EF01:2345:6789:ABCD:EF01:2345:6789", "2001:DB8:0:0:8:800:200C:417A", "123.123.12.1", null, "0.0.0.0", "10.31.31.54", null ] ]
-
Response:
"datalist": [ [ null, "184.54.42.61", "ABCD:EF6a:e277:216a:ABCD:EFf9:5b8c:3a24", "9623:DB5:5:6:4:b3a:34cC:9ecA", "33.71.6.126", null, "223.195.44.37", "138.217.142.157", null ] ]
Format: LITERAL#
Free-form: no specific format required.
- Algorithm: FPE, Scope: All
- Algorithm: Standard 256-bit, Scope: All
Example of FPE, All
-
Request:
"datalist": [ [ "TRUE", "FALSE", "123876.0988", "123876", "Literal", "Test123Text", null ] ]
-
Response:
"datalist": [ [ "", "", "", "", "", "", null ] ]
Format: Numeric#
Digits from 0 through 9.
- Algorithm: FPE, Scope: All
Example
-
Request:
"datalist": [ [ null, "a9876543211098", "9876543211098", "a9876543211098", "acn9876543211098", null, "1234567890897654321", "1ab4 df56 7qwer2343", "1234543 5434 23454", "priv9876543211098", "acn9876543211098", null ] ]
-
Response:
"datalist": [ [ null, "a8440422448831", "5980689261168", "a8440422448831", "acn1390446821808", null, "3963413609305412090", "4ab6 df25 4qwer6711", "3073815 5226 34978", "priv1617217642784", "acn1390446821808", null ] ]
-
Algorithm: FPE, Scope: All
Format: SSN#
US Social Security Number. Nine digits. Hyphens and spaces allowed.
- Algorithm: FPE, Scope: Last 4 digits
- Algorithm: FPE, Scope: All
Example of FPE, All
-
Request:
"datalist": [ [ "778-62-8144", "030 72 7381", "709066491", "163254042", null, "805 14 1893", "401318448" ] ]
-
Response:
"datalist": [ [ "932-88-1456", "828 92 5898", "954061516", "998726200", null, "980 21 5905", "191897078" ] ]
Format: Text#
- Algorithm: FPE, Scope: All
Example of FPE, All
- Request:
"datalist": [ [ "778-62-8144", "030 72 7381", "709066491", "163254042", null, "805 14 1893", "401318448" ] ]
- Response:
"datalist": [ [ "932-88-1456", "828 92 5898", "954061516", "998726200", null, "980 21 5905", "191897078" ] ]
Bouncy Castle API#
The following combinations can be used with the Bouncy Castle API.
The only allowable scope for schemes that use the Bouncy Castle API is All.
Format | Algorithm | Scope |
---|---|---|
Alphanumeric |
|
All |
ASCII |
|
All |
CC |
|
All |
Date |
|
All |
DateTime |
|
All |
|
All | |
Host/Domain |
|
All |
IP |
|
All |
Numeric |
|
All |
SSN |
|
All |
Text |
|
All |
Date input formats and ranges#
For examples of these formats, see Examples of Allowable Date Input Formats.
Supported date range#
The range of dates supported by DateTime is from 1900/01/01 to 2099/12/31, inclusive.
Note
This range is irrespective of delimiters in the input. It specifies only the lower and upper limits of the values of year, month, and day, and does not apply to any specific hour, day, or minute.
Legend for date input formats#
yyyy
oruuuu
is 4-digit year. uuuu is a year format that does not need the specification of the era CE (Common Era) or BCE (Before Common Era). A positive number indicates CE, while a negative number indicates BCE.MM
is the 2-digit, zero-padded month ofyyyy
oruuuu
.dd
is the 2-digit, zero-padded day ofMM
.HH
is the 2-digit, zero-padded 24-hour clock hour ofdd
.mm
is the 2-digit, zero-padded minute ofHH
.ss
is the 2-digit, zero-padded second ofmm
.SSS
is the 3-digit, zero-padded microsecond ofss
.- The literal
T
is the time indicator and the literalZ
is the indicator for time zone offset, as described in W3C's Time & date: Essential concepts. Note: The time zone offset is not encrypted. - The string literals
AM
andPM
are before noon and afternoon in the analog 12-hour clock.
Day-first formats#
Date begins with the numeric, zero-padded day.
dd/mm/uuuu
dd/mm/uuuu HH:mm:ss:SSS
Month-first formats#
Data begins with the numeric, zero-padded month.
mm/dd/uuuu HH:mm:ss,SSS
mm/dd/uuuu HH:mm:ss,SSSZ
mm/dd/uuuu HH:mm:ss.SSS
mm/dd/uuuu HH:mm:ss.SSSZ
mm/dd/uuuu HH:mm:ss
mm/dd/uuuu HH:mm:ss AM
mm/dd/uuuu HH:mm:ss PM
mm/dd/uuuu HH:mm:ssZ
mm/dd/uuuu HH:mm
mm/dd/uuuu HH:mmZ
mm/dd/uuuu
mm/dd/uuuuTHH:mm:ss,SSS
mm/dd/uuuuTHH:mm:ss,SSSZ
mm/dd/uuuuTHH:mm:ss.SSS
mm/dd/uuuuTHH:mm:ss.SSSZ
mm/dd/uuuuTHH:mm:ss
mm/dd/uuuuTHH:mm:ssZ
mm/dd/uuuuTHH:mm
mm/dd/uuuuTHH:mmZ
Year-first formats#
Date begins with the year.
uuuu-mm-dd
uuuu-mm-dd AM
uuuu-mm-dd PM
uuuu-mm-dd HH:mm AM
uuuu-mm-dd HH:mm PM
uuuu-mm-dd HH:mm:ss,SSS
uuuu-mm-dd HH:mm:ss.SSS
uuuu-mm-dd HH:mm:ss,SSS AM
uuuu-mm-dd HH:mm:ss,SSS PM
uuuu-mm-dd HH:mm:ss.SSS AM
uuuu-mm-dd HH:mm:ss.SSS PM
uuuu-mm-dd HH:mm:ss
uuuu-mm-dd HH:mm
uuuu-mm-ddTHH:mm:ss,SSS
uuuu-mm-ddTHH:mm:ss,SSSZ
uuuu-mm-ddTHH:mm:ss.SSS
uuuu-mm-ddTHH:mm:ss.SSSZ
uuuu-mm-ddTHH:mm:ss
uuuu-mm-ddTHH:mm:ssZ
uuuu-mm-ddTHH:mm
uuuu-mm-ddTHH:mmZ
uuuu/mm/dd HH:mm:ss,SSS
uuuu/mm/dd HH:mm:ss.SSS
uuuu/mm/dd HH:mm:ss
uuuu/mm/dd HH:mm
uuuu/mm/dd
uuuu/mm/ddTHH:mm:ss,SSS
uuuu/mm/ddTHH:mm:ss,SSSZ
uuuu/mm/ddTHH:mm:ss.SSS
uuuu/mm/ddTHH:mm:ss.SSSZ
uuuu/mm/ddTHH:mm:ss
uuuu/mm/ddTHH:mm:ssZ
uuuu/mm/ddTHH:mm
uuuu/mm/ddTHH:mmZ
Examples of allowable date input formats#
1900-01-01
1912/01/02
1912-01-02 03:10:50
1912/01/02 03:10:50
1912-01-02 03:10:50.000
1912/01/02 03:10:50.000
1950/02/03T05:20:30.213+1000
2099-12-31T05:20:30.213+1000