SVault

Detailed description

Data tokenization and anonymization operations.

See HSM technical documentation.

Functions
SVaultGenTokenResponse	GenSVaultToken (int op, SVaultGenTokenInfo tokenInfo, int reserved) throws TacException
	It tokenizes a piece of data, generating a token blob and its respective token.
SVaultGenTokenResponse	GenSVaultToken(SVaultGenTokenInfo tokenInfo ) throws TacException
	It tokenizes a piece of data, generating a token blob and its respective token.
SVaultGenTokenResponse	GenSVaultDigitToken (byte CKS, byte maskFlags, String MK, String secret) throws TacException
	It tokenizes digits, generating a token blob and its respective token.
SVaultGenTokenResponse	GenSVaultStringToken (byte maskFlags, String MK, String secret) throws TacException
	It tokenizes a UTF-8 string, generating a token blob and its respective token.
String	GetSVaultTokenBlobData (int op, String MK, String mask, byte[] tokenBlob) throws TacException
	Retrieves the secret or token of tokenized data using a token blob.
String	GetSVaultSecret (String MK, String mask, byte[] tokenBlob) throws TacException
	Retrieves the secret of tokenized data using a token blob.
String	GetSVaultToken (String MK, String mask, byte[] tokenBlob) throws TacException
	Retrieves the token of tokenized data using a token blob.

Functions

GenSVaultToken() [1/2]

SVaultGenTokenResponse GenSVaultToken	(	int	op,
		SVaultGenTokenInfo	tokenInfo,
		int	reserved ) throws TacException

It tokenizes a piece of data, generating a token blob and its respective token.

Parameters

op	Type of operation. Must be 0.
tokenInfo	Details of the tokenization operation
reserved	Reserved for future use (must be 0).

Return

Exceptions

TacException

GenSVaultToken() [2/2]

SVaultGenTokenResponse GenSVaultToken

(

SVaultGenTokenInfo

tokenInfo

)

throws TacException

It tokenizes a piece of data, generating a token blob and its respective token.

Parameters

tokenInfo

Details of the tokenization operation

Return

Exceptions

TacException

GenSVaultDigitToken()

SVaultGenTokenResponse GenSVaultDigitToken	(	byte	CKS,
		byte	maskFlags,
		String	MK,
		String	secret ) throws TacException

It tokenizes digits, generating a token blob and its respective token.

Parameters

CKS	Defines the type of checksum for the generation of tokens. It can be one of the options in the table below Value Operation TacNDJavaLib.D_SVAULT_CKS_NULL It doesn't generate a checksum. It only generates the token. TacNDJavaLib.D_SVAULT_CKS_CPF Generates the 2 check digits in the CPF (Cadastro de Pessoas Físicas) standard on the token. The secret must contain only numbers and include the check digits. TacNDJavaLib.D_SVAULT_CKS_CNPJ Generates the 2 verification digits in the CNPJ (Cadastro Nacional da Pessoa Jurídica) standard on the token. The secret must contain only numbers and include the check digits. TacNDJavaLib.D_SVAULT_CKS_PAN Generates a PAN (Primary Account Number) with a valid check digit in the token. The secret must be complete and contain only numbers. TacNDJavaLib.D_SVAULT_CKS_IEL Generates the 2 check digits in the pattern of the voter registration number on the token. The secret must contain only numbers and include the check digits.
maskFlags	Generation options. It can be one of the options in the table below Value Operation 0 It does not use masks for token generation or secret recovery. TacNDJavaLib.D_SVAULT_F_MASK_TOKEN It uses masks to generate the token. The mask can be passed when retrieving the token or secret. TacNDJavaLib.D_SVAULT_F_MASK_SECRET It uses masks to generate the secret. The mask can be passed when retrieving the token or secret.
MK	Name of the key used for data protection
secret	The secret must be a string with numbers only. It should have a minimum size of TacNDJavaLib.D_SVAULT_MIN_TL and a maximum size of TacNDJavaLib.D_SVAULT_MAX_TL.

Return

Exceptions

TacException

GenSVaultStringToken()

SVaultGenTokenResponse GenSVaultStringToken	(	byte	maskFlags,
		String	MK,
		String	secret ) throws TacException

It tokenizes a UTF-8 string, generating a token blob and its respective token.

Parameters

maskFlags	Generation options. It can be one of the options in the table below Value Operation 0 It does not use masks for token generation or secret recovery. TacNDJavaLib.D_SVAULT_F_MASK_TOKEN It uses masks to generate the token. The mask can be passed when retrieving the token or secret. TacNDJavaLib.D_SVAULT_F_MASK_SECRET It uses masks to generate the secret. The mask can be passed when retrieving the token or secret.
MK	Name of the key used for data protection
secret	The secret must be a UTF-8 string. It must have a minimum size of TacNDJavaLib.D_SVAULT_MIN_TL and a maximum size of TacNDJavaLib.D_SVAULT_MAX_TL.

Return

Exceptions

TacException

GetSVaultTokenBlobData()

String GetSVaultTokenBlobData	(	int	op,
		String	MK,
		String	mask,
		byte[]	tokenBlob ) throws TacException

Retrieves the secret or token of tokenized data using a token blob.

This API also allows the recovery of the masked secret or token.

Parameters

op	Type of operation. This can be one of the options below. Value Meaning TacNDJavaLib.D_SVAULT_GET_OP_SECRET Get the secret back. TacNDJavaLib.D_SVAULT_GET_OP_TOKEN Recover the token.
MK	Name of the key used for data protection.
mask	Mask pattern that will be applied to the secret or token, according to the one defined when generating the token blob in GenSVaultToken(). Buffer with a minimum size of TacNDJavaLib.D_SVAULT_MIN_TL and a maximum of TacNDJavaLib.D_SVAULT_MIN_TL containing the mask. It can be an empty string "" so as not to use masking. The mask is a UTF-8 string containing the characters that will be applied to the data to mask it. Pass '\0' in the positions where you want the data to be displayed. See the notes for examples.
tokenBlob	Buffer of size TacNDJavaLib.D_SVAULT_TOKEN_BLOB_LEN, generated by the GenSVaultToken() API, containing the blob token.

Return

Return as defined in op

Exceptions

TacException

Notes

Examples with a secret of value "123456789".

1. With the mask "***" we will get the following result: "***456789".
2. With the mask "9999" we will get the following result: "999956789".
3. With the mask "***\0\0\0***" we will get the following result: "***456***".

GetSVaultSecret()

String GetSVaultSecret	(	String	MK,
		String	mask,
		byte[]	tokenBlob ) throws TacException

Retrieves the secret of tokenized data using a token blob.

This API also allows the masked secret to be recovered.

Parameters

MK	Name of the key used for data protection.
mask	Mask pattern that will be applied to the secret or token, according to the one defined when generating the token blob in GenSVaultToken(). Buffer with a minimum size of TacNDJavaLib.D_SVAULT_MIN_TL and a maximum of TacNDJavaLib.D_SVAULT_MIN_TL containing the mask. It can be an empty string "" so as not to use masking. The mask is a UTF-8 string containing the characters that will be applied to the data to mask it. Pass '\0' in the positions where you want the data to be displayed. See the notes on GetSVaultTokenBlobData() for examples.
tokenBlob	Buffer of size TacNDJavaLib.D_SVAULT_TOKEN_BLOB_LEN, generated by the GenSVaultToken() API, containing the blob token.

Return

secret

Exceptions

TacException

GetSVaultToken()

String GetSVaultToken	(	String	MK,
		String	mask,
		byte[]	tokenBlob ) throws TacException

Retrieves the token of tokenized data using a token blob.

This API also allows the masked token to be recovered.

Parameters

MK	Name of the key used for data protection.
mask	Mask pattern that will be applied to the secret or token, according to the one defined when generating the token blob in GenSVaultToken(). Buffer with a minimum size of TacNDJavaLib.D_SVAULT_MIN_TL and a maximum of TacNDJavaLib.D_SVAULT_MIN_TL containing the mask. It can be an empty string "" so as not to use masking. The mask is a UTF-8 string containing the characters that will be applied to the data to mask it. Pass '\0' in the positions where you want the data to be displayed. See the notes on GetSVaultTokenBlobData() for examples.
tokenBlob	Buffer of size TacNDJavaLib.D_SVAULT_TOKEN_BLOB_LEN, generated by the GenSVaultToken() API, containing the blob token.

Return

token

Exceptions

TacException