Documentation
¶
Overview ¶
Package ff1 implements the FF1 format-preserving encryption algorithm/scheme
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrStringNotInRadix is returned if input or intermediate strings cannot be parsed in the given radix ErrStringNotInRadix = errors.New("string is not within base/radix") // ErrTweakLengthInvalid is returned if the tweak length is not in the given range ErrTweakLengthInvalid = errors.New("tweak must be between 0 and given maxTLen, inclusive") )
Functions ¶
This section is empty.
Types ¶
type Cipher ¶
type Cipher struct {
// contains filtered or unexported fields
}
A Cipher is an instance of the FF1 mode of format preserving encryption using a particular key, radix, and tweak
func NewCipher ¶
NewCipher initializes a new FF1 Cipher for encryption or decryption use based on the radix, max tweak length, key and tweak parameters.
func (Cipher) Decrypt ¶
Decrypt decrypts the string X over the current FF1 parameters and returns the plaintext of the same length and format
Example ¶
Note: panic(err) is just used for example purposes.
// Key and tweak should be byte arrays. Put your key and tweak here.
// To make it easier for demo purposes, decode from a hex string here.
key, err := hex.DecodeString("2B7E151628AED2A6ABF7158809CF4F3C")
if err != nil {
panic(err)
}
tweak, err := hex.DecodeString("")
if err != nil {
panic(err)
}
// Create a new FF1 cipher "object"
// 10 is the radix/base, and 8 is the tweak length.
FF1, err := NewCipher(10, 8, key, tweak)
if err != nil {
panic(err)
}
ciphertext := "2433477484"
plaintext, err := FF1.Decrypt(ciphertext)
if err != nil {
panic(err)
}
fmt.Println(plaintext)
Output: 0123456789
func (Cipher) DecryptWithTweak ¶ added in v1.2.0
DecryptWithTweak is the same as Decrypt except it uses the tweak from the parameter rather than the current Cipher's tweak This allows you to re-use a single Cipher (for a given key) and simply override the tweak for each unique data input, which is a practical use-case of FPE for things like credit card numbers.
func (Cipher) Encrypt ¶
Encrypt encrypts the string X over the current FF1 parameters and returns the ciphertext of the same length and format
Example ¶
Note: panic(err) is just used for example purposes.
// Key and tweak should be byte arrays. Put your key and tweak here.
// To make it easier for demo purposes, decode from a hex string here.
key, err := hex.DecodeString("2B7E151628AED2A6ABF7158809CF4F3C")
if err != nil {
panic(err)
}
tweak, err := hex.DecodeString("")
if err != nil {
panic(err)
}
// Create a new FF1 cipher "object"
// 10 is the radix/base, and 8 is the tweak length.
FF1, err := NewCipher(10, 8, key, tweak)
if err != nil {
panic(err)
}
original := "0123456789"
// Call the encryption function on an example test vector
ciphertext, err := FF1.Encrypt(original)
if err != nil {
panic(err)
}
fmt.Println(ciphertext)
Output: 2433477484
func (Cipher) EncryptWithTweak ¶ added in v1.2.0
EncryptWithTweak is the same as Encrypt except it uses the tweak from the parameter rather than the current Cipher's tweak This allows you to re-use a single Cipher (for a given key) and simply override the tweak for each unique data input, which is a practical use-case of FPE for things like credit card numbers.
Source Files