ff3

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 22, 2018 License: Apache-2.0 Imports: 5 Imported by: 5

Documentation

Overview

Package ff3 implements the FF3 format-preserving encryption algorithm/scheme

Index

Examples

Constants

This section is empty.

Variables

View Source 
var (
	// ErrStringNotInRadix is returned if input or intermediate strings cannot be parsed in the given radix
	ErrStringNotInRadix = errors.New("string is not within base/radix")

	// ErrTweakLengthInvalid is returned if the tweak length is not 8 bytes
	ErrTweakLengthInvalid = errors.New("tweak must be 8 bytes, or 64 bits")
)

Functions

This section is empty.

Types

type Cipher 

type Cipher struct {
	// contains filtered or unexported fields
}

A Cipher is an instance of the FF3 mode of format preserving encryption using a particular key, radix, and tweak

func NewCipher 

func NewCipher(radix int, key []byte, tweak []byte) (Cipher, error)

NewCipher initializes a new FF3 Cipher for encryption or decryption use based on the radix, key and tweak parameters.

func (Cipher) Decrypt 

func (c Cipher) Decrypt(X string) (string, error)

Decrypt decrypts the string X over the current FF3 parameters and returns the plaintext of the same length and format

Example

Note: panic(err) is just used for example purposes. 

// Key and tweak should be byte arrays. Put your key and tweak here.
// To make it easier for demo purposes, decode from a hex string here.
key, err := hex.DecodeString("EF4359D8D580AA4F7F036D6F04FC6A94")
if err != nil {
	panic(err)
}
tweak, err := hex.DecodeString("D8E7920AFA330A73")
if err != nil {
	panic(err)
}

// Create a new FF3 cipher "object"
// 10 is the radix/base
FF3, err := NewCipher(10, key, tweak)
if err != nil {
	panic(err)
}

ciphertext := "750918814058654607"

plaintext, err := FF3.Decrypt(ciphertext)
if err != nil {
	panic(err)
}

fmt.Println(plaintext)

Output:

890121234567890000

func (Cipher) DecryptWithTweak added in v1.2.0 

func (c Cipher) DecryptWithTweak(X string, tweak []byte) (string, error)

DecryptWithTweak is the same as Decrypt except it uses the tweak from the parameter rather than the current Cipher's tweak This allows you to re-use a single Cipher (for a given key) and simply override the tweak for each unique data input, which is a practical use-case of FPE for things like credit card numbers.

func (Cipher) Encrypt 

func (c Cipher) Encrypt(X string) (string, error)

Encrypt encrypts the string X over the current FF3 parameters and returns the ciphertext of the same length and format

Example

Note: panic(err) is just used for example purposes. 

// Key and tweak should be byte arrays. Put your key and tweak here.
// To make it easier for demo purposes, decode from a hex string here.
key, err := hex.DecodeString("EF4359D8D580AA4F7F036D6F04FC6A94")
if err != nil {
	panic(err)
}
tweak, err := hex.DecodeString("D8E7920AFA330A73")
if err != nil {
	panic(err)
}

// Create a new FF3 cipher "object"
// 10 is the radix/base
FF3, err := NewCipher(10, key, tweak)
if err != nil {
	panic(err)
}

original := "890121234567890000"

// Call the encryption function on an example test vector
ciphertext, err := FF3.Encrypt(original)
if err != nil {
	panic(err)
}

fmt.Println(ciphertext)

Output:

750918814058654607

func (Cipher) EncryptWithTweak added in v1.2.0 

func (c Cipher) EncryptWithTweak(X string, tweak []byte) (string, error)

EncryptWithTweak is the same as Encrypt except it uses the tweak from the parameter rather than the current Cipher's tweak This allows you to re-use a single Cipher (for a given key) and simply override the tweak for each unique data input, which is a practical use-case of FPE for things like credit card numbers.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.