Reference: Formats, Algorithms, and Scopes

These are allowable combinations of encryption input data formats, the supported algorithms for those formats, and the scope of the data that is encrypted.

The combinations are subdivided into groups based on the underlying API:

Privacera API
Bouncy Castle API

Other Schemes Now Deprecated#

The schemes listed here are the only supported certified schemes.

All other schemes not listed here are deprecated, although they are listed in the Privacera Platform UI.

Numeric formats with FPE algorithm: input must be string#

For a scheme with Numeric format type and FPE algorithm, the numeric data on the calls to /protect and /unprotect must be a string.

To preserve the format and length, the encrypted output must also be stored as a string.

Example: Encrypting a number via FPE like 123456 might result in output like 027931.

To preserve the format and length the 0 prefix needs to be retained.

Storing this result in string format ensures that future decryption/encryption functions correctly.

Privacera API#

The following combinations can be used with the Privacera API.

The request and response examples show the datalist JSON element with the Privacera Encryption REST API /protect endpoint.

Format: Alphanumeric#

Algorithm: Alphanumeric, Scope: All

Example

Request:

"datalist": [
    [
        "TUCSON AZ 85705,USA",
        "testdata115",
        "105 Sikes Hall, Clemson, SC 29634, USA",
        "177A Bleecker Street",
        null
    ]
]

Response:

"datalist": [
    [
        "hGL8f5ycfDDrxguRRZhDTPINOfHZmlxik5bW2xz9Mbg=",
        "7GEWk9XuIigzkTczc9Ntzg==",
        "9e6obWu6mh9vK2xkEcFvOeXSYwve2Ws9jQ1AEBVxc3zj5lFGNcBPxxLpgyyZin0u",
        "MDtays2tyyOv5egH+OXbk9UqL2RDTZRhqNYxaEULsjs=",
        null
    ]
]

Format: ASCII#

7-bit ASCII character set, excluding control characters.

Algorithm: FPE, Scope: All

Example

Request:

"datalist": [
    [
        "testvalue123",
        "This is a sample text",
        "This is sample 123 alphanumeric text 123.",
        "123456789098765",
        "123!@#R)(*&^4567JHG",
        null
    ]
]

Response:

"datalist": [
    [
       "[pa&xA_)1qs=",
        "?xUs.H';NIy>BJ0@y9{qq",
        "o/|R7&k)d>dmp^Am}.%-F]_Ym7c]@B~Xm)eOB+=w*",
        "/apLBEweK)?| *t",
        "{lD+U%cMLKM]k+`lt}.",
        null
      ]
  ],

Format: CC#

Credit card. Numeric from 14 to 19 digits. Hyphens and spaces allowed.

Algorithm: FPE, Scope: All
Algorithm: FPE, Scope: First 4 digits
Algorithm: FPE, Scope: Last 4 digits

Example of FPE, All

Request:

"datalist": [
    [
        "236864479139819",
        "160201209940524",
        "41228020889831",
        "7529274609013685",
        null,
        "6536921047107462",
        "4766530513049409"
      ]
  ]

Response:

"datalist": [
    [
        "524312768689370",
        "535332579591178",
        "79759512315352",
        "1072002057261056",
        null,
        "3907516129227718",
        "6712017221140690"
    ]
]

Formats: DATE and Date_DD_MM#

Algorithm: FPE, Scope: All

For details on allowable formats, see Date Input Formats and Ranges

Example

Request:

"datalist": [
    [
        "16/12/3352",
        "09/02/3508",
        "16-12-3352",
        "21-03-3421",
        "19/12/3224 21:01:24:202",
        null
    ]
]

Response:

"datalist": [
    [
        "16/12/3352",
        "09/02/3508",
        "16-12-3352",
        "21-03-3421",
        "12/07/3871 20:44:36:480",
        null
    ]
]

Format: Driver License#

Algorithm: FPE, Scope: All

Example

Request:

"datalist": [
    [
        "A123456789012",
        "12345678X",
        null,
        "123456789",
        "m1234567",
        "12345678123456789",
        "123456789",
        null,
        "113654424",
        "999000680",
        "B13654424",
        "G544-061-73-925-0",
        "AA123456Z",
        null
    ]
]

Response:

"datalist": [
    [
        "09HnovI2QR9jw",
        "pIJijAhlj",
        null,
        "pnZaDghd0",
        "ICSdAHiD",
        "92SRB3QE5S6TunSRA",
        "pnZaDghd0",
        null,
        "J1XT5UuBq",
        "SHdt78Two",
        "PMGoghnkh",
        "rusP-R4U-EG-nVV-r",
        "YslNiR2As",
        null
    ]
]

Format: Email#

Must include @ sign.

Algorithm: FPE, Scope: All
Algorithm: FPE, Scope: masked username
Algorithm: FPE, Scope: masked domain

Example of FPE, All

Request:

"datalist": [
    [
        "test@domain.com",
        "lastname@domain.com",
        "test.email.with+symbol@domain.com",
        "id-with-dash@domain.com",
        "example-abc@abc-domain.com",
        "admin@mailserver1",
        "#!$%&'*+-/=?^_{}|~@domain.org",
        "example@localhost",
        "example@s.solutions",
        "test@com",
        "test@localserver",
        null
    ]
]

Response:

"datalist": [
    [
        "T~oi@GaRxEU.ZFq",
        "R82`Rs7E@GaRxEU.ZFq",
        "s%x{.&FEi!.qPEjpST2gK#@GaRxEU.ZFq",
        "t+g_4s+Vn_?7@GaRxEU.ZFq",
        "bPVRw9_x_J`@DmF-AyWNGj.gxA",
        "BnAIk@lhGbMXvogj1",
        "GZhp3&iMy^X|0Jij%s@WCXdsf.BYi",
        "vUnO=Fb@IWyJfKkFW",
        "vUnO=Fb@X.wpkHRwTbu",
        "T~oi@nZF",
        "T~oi@EfwTCYFFfgu",
        null
    ]
]

Format: FPE_ALPHA_NUMERIC#

Algorithm: Alphanumeric, Scope: All
Algorithm: FPE, Scope: All
Algorithm: Standard, Scope: All
Algorithm: Standard 256-bit, Scope: All

Example of FPE, All

Request:

"datalist": [
    [
        "Acc965121354",
        "testdata123samplevalue",
        "sample value 2nd instance",
        "221, baker street",
        null
    ]
]

Response:

"datalist": [
    [
        "4eOPie2yXN1f",
        "SsGfMkh12uH1ndQnsDaa1V",
        "j8pHr5 CdFLR LUc 0zw1ZuhK",
        "om5, KUR9R bBjjd2",
        null
    ]
]

Format: HASHING#

Same as ASCII. These are one-way hashes.

Algorithm: SHA-256, Scope: All
Algorithm: SHA-512, Scope: All

Example of SHA-256, All

Request:

"datalist": [
    [
        "8743b52063cd84097a65d1633f5c74f5",
        "hashvalue115",
        "Test123Text",
        null
    ]
]

Response:

"datalist": [
    [
        "74ee1fae245edd6f27bf36efc3604942479fceefbadab5dc5c0b538c196eb0f1",
        "492c94273948d5140dcfef60b15a99b9c2cd5e730a5d40d2991548255825d473",
        "c9ecc7cecff05b064da8a89befa266e84da87409a7d8624ec15252affb70d732",
        null
    ]
]

Format: Host/Domain#

Internet standard domain name, or portion thereof, with periods.

Algorithm: FPE, Scope: All

Example

Request:

"datalist": [
    [
        "cornell.edu",
        "www.google.com",
        "en.wikipedia.org",
        ".com",
        "www.privacera.com",
        "www.privacera.com",
        ".edu",
        "10.211.95.191",
        null
    ]
]

Response:

"datalist": [
    [
        "uf8T8tY.u54",
        "1Wr.f6NCmk.M9m",
        "fj.dbwLIn9DR.BfV",
        ".qCB",
        "XGY.GPRNgo1Wo.x7t",
        "XGY.GPRNgo1Wo.x7t",
        ".B56",
        "y4.VTB.Uh.V2H",
        null
    ]
]

Format: IP#

Internet Protocol v4 or v6 standard address

Algorithm: FPE, Scope: All

Example

Request:

"datalist": [
    [
        null,
        "10.211.95.191",
        "ABCD:EF01:2345:6789:ABCD:EF01:2345:6789",
        "2001:DB8:0:0:8:800:200C:417A",
        "123.123.12.1",
        null,
        "0.0.0.0",
        "10.31.31.54",
        null
    ]
]

Response:

"datalist": [
    [
        null,
        "184.54.42.61",
        "ABCD:EF6a:e277:216a:ABCD:EFf9:5b8c:3a24",
        "9623:DB5:5:6:4:b3a:34cC:9ecA",
        "33.71.6.126",
        null,
        "223.195.44.37",
        "138.217.142.157",
        null
    ]
]

Format: LITERAL#

Free-form: no specific format required.

Algorithm: FPE, Scope: All
Algorithm: Standard 256-bit, Scope: All

Example of FPE, All

Request:

"datalist": [
    [
        "TRUE",
        "FALSE",
        "123876.0988",
        "123876",
        "Literal",
        "Test123Text",
        null
    ]
]

Response:

"datalist": [
    [
        "",
        "",
        "",
        "",
        "",
        "",
        null
    ]
]

Format: Numeric#

Digits from 0 through 9.

Algorithm: FPE, Scope: All

Example

Request:

"datalist": [
    [
        null,
        "a9876543211098",
        "9876543211098",
        "a9876543211098",
        "acn9876543211098",
        null,
        "1234567890897654321",
        "1ab4 df56 7qwer2343",
        "1234543 5434 23454",
        "priv9876543211098",
        "acn9876543211098",
        null
    ]
]

Response:

"datalist": [
    [
        null,
        "a8440422448831",
        "5980689261168",
        "a8440422448831",
        "acn1390446821808",
        null,
        "3963413609305412090",
        "4ab6 df25 4qwer6711",
        "3073815 5226 34978",
        "priv1617217642784",
        "acn1390446821808",
        null
    ]
]

Algorithm: FPE, Scope: All

Format: SSN#

US Social Security Number. Nine digits. Hyphens and spaces allowed.

Algorithm: FPE, Scope: Last 4 digits
Algorithm: FPE, Scope: All

Example of FPE, All

Request:

"datalist": [
    [
        "778-62-8144",
        "030 72 7381",
        "709066491",
        "163254042",
        null,
        "805 14 1893",
        "401318448"
    ]
]

Response:

"datalist": [
    [
        "932-88-1456",
        "828 92 5898",
        "954061516",
        "998726200",
        null,
        "980 21 5905",
        "191897078"
    ]
]

Format: Text#

Algorithm: FPE, Scope: All

Example of FPE, All

Request:

"datalist": [
    [
        "778-62-8144",
        "030 72 7381",
        "709066491",
        "163254042",
        null,
        "805 14 1893",
        "401318448"
    ]
]

Response:

"datalist": [
    [
        "932-88-1456",
        "828 92 5898",
        "954061516",
        "998726200",
        null,
        "980 21 5905",
        "191897078"
    ]
]

Bouncy Castle API#

The following combinations can be used with the Bouncy Castle API.

The only allowable scope for schemes that use the Bouncy Castle API is All.

Format	Algorithm	Scope
Alphanumeric	AES 128 AES 256	All
ASCII	AES 128 AES 256	All
CC	AES 128 AES 256	All
Date	AES 128 AES 256	All
DateTime	AES 128 AES 256	All
Email	AES 128 AES 256	All
Host/Domain	AES 128 AES 256	All
IP	AES 128 AES 256	All
Numeric	AES 128 AES 256	All
SSN	AES 128 AES 256	All
Text	AES 128 AES 256	All

Date input formats and ranges#

For examples of these formats, see Examples of Allowable Date Input Formats.

Supported date range#

The range of dates supported by DateTime is from 1900/01/01 to 2099/12/31, inclusive.

Note

This range is irrespective of delimiters in the input. It specifies only the lower and upper limits of the values of year, month, and day, and does not apply to any specific hour, day, or minute.

Legend for date input formats#

yyyy or uuuu is 4-digit year. uuuu is a year format that does not need the specification of the era CE (Common Era) or BCE (Before Common Era). A positive number indicates CE, while a negative number indicates BCE.
MM is the 2-digit, zero-padded month of yyyy or uuuu.
dd is the 2-digit, zero-padded day of MM.
HH is the 2-digit, zero-padded 24-hour clock hour of dd.
mm is the 2-digit, zero-padded minute of HH.
ss is the 2-digit, zero-padded second of mm.
SSS is the 3-digit, zero-padded microsecond of ss.
The literal T is the time indicator and the literal Z is the indicator for time zone offset, as described in W3C's Time & date: Essential concepts. Note: The time zone offset is not encrypted.
The string literals AM and PM are before noon and afternoon in the analog 12-hour clock.

Day-first formats#

Date begins with the numeric, zero-padded day.

dd/mm/uuuu
dd/mm/uuuu HH:mm:ss:SSS

Month-first formats#

Data begins with the numeric, zero-padded month.

mm/dd/uuuu HH:mm:ss,SSS
mm/dd/uuuu HH:mm:ss,SSSZ
mm/dd/uuuu HH:mm:ss.SSS
mm/dd/uuuu HH:mm:ss.SSSZ
mm/dd/uuuu HH:mm:ss
mm/dd/uuuu HH:mm:ss AM
mm/dd/uuuu HH:mm:ss PM
mm/dd/uuuu HH:mm:ssZ
mm/dd/uuuu HH:mm
mm/dd/uuuu HH:mmZ
mm/dd/uuuu
mm/dd/uuuuTHH:mm:ss,SSS
mm/dd/uuuuTHH:mm:ss,SSSZ
mm/dd/uuuuTHH:mm:ss.SSS
mm/dd/uuuuTHH:mm:ss.SSSZ
mm/dd/uuuuTHH:mm:ss
mm/dd/uuuuTHH:mm:ssZ
mm/dd/uuuuTHH:mm
mm/dd/uuuuTHH:mmZ

Year-first formats#

Date begins with the year.

uuuu-mm-dd
uuuu-mm-dd AM
uuuu-mm-dd PM
uuuu-mm-dd HH:mm AM
uuuu-mm-dd HH:mm PM
uuuu-mm-dd HH:mm:ss,SSS
uuuu-mm-dd HH:mm:ss.SSS
uuuu-mm-dd HH:mm:ss,SSS AM
uuuu-mm-dd HH:mm:ss,SSS PM
uuuu-mm-dd HH:mm:ss.SSS AM
uuuu-mm-dd HH:mm:ss.SSS PM
uuuu-mm-dd HH:mm:ss
uuuu-mm-dd HH:mm
uuuu-mm-ddTHH:mm:ss,SSS
uuuu-mm-ddTHH:mm:ss,SSSZ
uuuu-mm-ddTHH:mm:ss.SSS
uuuu-mm-ddTHH:mm:ss.SSSZ
uuuu-mm-ddTHH:mm:ss
uuuu-mm-ddTHH:mm:ssZ
uuuu-mm-ddTHH:mm
uuuu-mm-ddTHH:mmZ
uuuu/mm/dd HH:mm:ss,SSS
uuuu/mm/dd HH:mm:ss.SSS
uuuu/mm/dd HH:mm:ss
uuuu/mm/dd HH:mm
uuuu/mm/dd
uuuu/mm/ddTHH:mm:ss,SSS
uuuu/mm/ddTHH:mm:ss,SSSZ
uuuu/mm/ddTHH:mm:ss.SSS
uuuu/mm/ddTHH:mm:ss.SSSZ
uuuu/mm/ddTHH:mm:ss
uuuu/mm/ddTHH:mm:ssZ
uuuu/mm/ddTHH:mm
uuuu/mm/ddTHH:mmZ

Examples of allowable date input formats#

1900-01-01
1912/01/02
1912-01-02 03:10:50
1912/01/02 03:10:50
1912-01-02 03:10:50.000
1912/01/02 03:10:50.000
1950/02/03T05:20:30.213+1000
2099-12-31T05:20:30.213+1000