ff1

Documentation

Index

• Variables
• type Cipher
  • func NewCipher(radix int, maxTLen int, key []byte, tweak []byte) (*Cipher, error)
  • func (c *Cipher) Decrypt(X string) (string, error)
  • func (c *Cipher) DecryptWithTweak(X string, tweak []byte) (string, error)
  • func (c *Cipher) Encrypt(X string) (string, error)
  • func (c *Cipher) EncryptWithTweak(X string, tweak []byte) (string, error)

Examples

• Cipher.Decrypt
• Cipher.Encrypt

Variables

var (

	// ErrStringNotInRadix is returned if input or intermediate strings cannot be parsed in the given radix
	ErrStringNotInRadix = errors.New("go-cryptobin/fpe: string is not within base/radix")

	// ErrTweakLengthInvalid is returned if the tweak length is not in the given range
	ErrTweakLengthInvalid = errors.New("go-cryptobin/fpe: tweak must be between 0 and given maxTLen, inclusive")
)

Types

type Cipher

type Cipher struct {
	// contains filtered or unexported fields
}

A Cipher is an instance of the FF1 mode of format preserving encryption using a particular key, radix, and tweak

func NewCipher

func NewCipher(radix int, maxTLen int, key []byte, tweak []byte) (*Cipher, error)

NewCipher initializes a new FF1 Cipher for encryption or decryption use based on the radix, max tweak length, key and tweak parameters.

func (*Cipher) Decrypt

func (c *Cipher) Decrypt(X string) (string, error)

Decrypt decrypts the string X over the current FF1 parameters and returns the plaintext of the same length and format

Example

Note: panic(err) is just used for example purposes.

// Key and tweak should be byte arrays. Put your key and tweak here.
// To make it easier for demo purposes, decode from a hex string here.
key, err := hex.DecodeString("2B7E151628AED2A6ABF7158809CF4F3C")
if err != nil {
	panic(err)
}
tweak, err := hex.DecodeString("")
if err != nil {
	panic(err)
}

// Create a new FF1 cipher "object"
// 10 is the radix/base, and 8 is the tweak length.
FF1, err := NewCipher(10, 8, key, tweak)
if err != nil {
	panic(err)
}

ciphertext := "2433477484"

plaintext, err := FF1.Decrypt(ciphertext)
if err != nil {
	panic(err)
}

fmt.Println(plaintext)

Output:

0123456789

func (*Cipher) DecryptWithTweak

func (c *Cipher) DecryptWithTweak(X string, tweak []byte) (string, error)

DecryptWithTweak is the same as Decrypt except it uses the tweak from the parameter rather than the current Cipher's tweak This allows you to re-use a single Cipher (for a given key) and simply override the tweak for each unique data input, which is a practical use-case of FPE for things like credit card numbers.

func (*Cipher) Encrypt

func (c *Cipher) Encrypt(X string) (string, error)

Encrypt encrypts the string X over the current FF1 parameters and returns the ciphertext of the same length and format

Example

Note: panic(err) is just used for example purposes.

// Key and tweak should be byte arrays. Put your key and tweak here.
// To make it easier for demo purposes, decode from a hex string here.
key, err := hex.DecodeString("2B7E151628AED2A6ABF7158809CF4F3C")
if err != nil {
	panic(err)
}
tweak, err := hex.DecodeString("")
if err != nil {
	panic(err)
}

// Create a new FF1 cipher "object"
// 10 is the radix/base, and 8 is the tweak length.
FF1, err := NewCipher(10, 8, key, tweak)
if err != nil {
	panic(err)
}

original := "0123456789"

// Call the encryption function on an example test vector
ciphertext, err := FF1.Encrypt(original)
if err != nil {
	panic(err)
}

fmt.Println(ciphertext)

Output:

2433477484

func (*Cipher) EncryptWithTweak

func (c *Cipher) EncryptWithTweak(X string, tweak []byte) (string, error)

EncryptWithTweak is the same as Encrypt except it uses the tweak from the parameter rather than the current Cipher's tweak This allows you to re-use a single Cipher (for a given key) and simply override the tweak for each unique data input, which is a practical use-case of FPE for things like credit card numbers.