Package com.google.privacy.dlp.v2

Interface CryptoDeterministicConfigOrBuilder

  • All Superinterfaces:
    com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
    All Known Implementing Classes:
    CryptoDeterministicConfig, CryptoDeterministicConfig.Builder
    public interface CryptoDeterministicConfigOrBuilder
extends com.google.protobuf.MessageOrBuilder

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      FieldId getContext()
      A context may be used for higher security and maintaining referential integrity such that the same identifier in two different contexts will be given a distinct surrogate.
      FieldIdOrBuilder getContextOrBuilder()
      A context may be used for higher security and maintaining referential integrity such that the same identifier in two different contexts will be given a distinct surrogate.
      CryptoKey getCryptoKey()
      The key used by the encryption function.
      CryptoKeyOrBuilder getCryptoKeyOrBuilder()
      The key used by the encryption function.
      InfoType getSurrogateInfoType()
      The custom info type to annotate the surrogate with.
      InfoTypeOrBuilder getSurrogateInfoTypeOrBuilder()
      The custom info type to annotate the surrogate with.
      boolean hasContext()
      A context may be used for higher security and maintaining referential integrity such that the same identifier in two different contexts will be given a distinct surrogate.
      boolean hasCryptoKey()
      The key used by the encryption function.
      boolean hasSurrogateInfoType()
      The custom info type to annotate the surrogate with.

      • Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

        isInitialized

      • Methods inherited from interface com.google.protobuf.MessageOrBuilder

        findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

    • Method Detail

      • hasCryptoKey

        boolean hasCryptoKey()
         The key used by the encryption function. For deterministic encryption
 using AES-SIV, the provided key is internally expanded to 64 bytes prior to
 use.
        .google.privacy.dlp.v2.CryptoKey crypto_key = 1;
        Returns:
        Whether the cryptoKey field is set.

      • getCryptoKey

        CryptoKey getCryptoKey()
         The key used by the encryption function. For deterministic encryption
 using AES-SIV, the provided key is internally expanded to 64 bytes prior to
 use.
        .google.privacy.dlp.v2.CryptoKey crypto_key = 1;
        Returns:
        The cryptoKey.

      • getCryptoKeyOrBuilder

        CryptoKeyOrBuilder getCryptoKeyOrBuilder()
         The key used by the encryption function. For deterministic encryption
 using AES-SIV, the provided key is internally expanded to 64 bytes prior to
 use.
        .google.privacy.dlp.v2.CryptoKey crypto_key = 1;

      • hasSurrogateInfoType

        boolean hasSurrogateInfoType()
         The custom info type to annotate the surrogate with.
 This annotation will be applied to the surrogate by prefixing it with
 the name of the custom info type followed by the number of
 characters comprising the surrogate. The following scheme defines the
 format: {info type name}({surrogate character count}):{surrogate}

 For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and
 the surrogate is 'abc', the full replacement value
 will be: 'MY_TOKEN_INFO_TYPE(3):abc'

 This annotation identifies the surrogate when inspecting content using the
 custom info type 'Surrogate'. This facilitates reversal of the
 surrogate when it occurs in free text.

 Note: For record transformations where the entire cell in a table is being
 transformed, surrogates are not mandatory. Surrogates are used to denote
 the location of the token and are necessary for re-identification in free
 form text.

 In order for inspection to work properly, the name of this info type must
 not occur naturally anywhere in your data; otherwise, inspection may either

 - reverse a surrogate that does not correspond to an actual identifier
 - be unable to parse the surrogate and result in an error

 Therefore, choose your custom info type name carefully after considering
 what your data looks like. One way to select a name that has a high chance
 of yielding reliable detection is to include one or more unicode characters
 that are highly improbable to exist in your data.
 For example, assuming your data is entered from a regular ASCII keyboard,
 the symbol with the hex code point 29DD might be used like so:
 ⧝MY_TOKEN_TYPE.
        .google.privacy.dlp.v2.InfoType surrogate_info_type = 2;
        Returns:
        Whether the surrogateInfoType field is set.

      • getSurrogateInfoType

        InfoType getSurrogateInfoType()
         The custom info type to annotate the surrogate with.
 This annotation will be applied to the surrogate by prefixing it with
 the name of the custom info type followed by the number of
 characters comprising the surrogate. The following scheme defines the
 format: {info type name}({surrogate character count}):{surrogate}

 For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and
 the surrogate is 'abc', the full replacement value
 will be: 'MY_TOKEN_INFO_TYPE(3):abc'

 This annotation identifies the surrogate when inspecting content using the
 custom info type 'Surrogate'. This facilitates reversal of the
 surrogate when it occurs in free text.

 Note: For record transformations where the entire cell in a table is being
 transformed, surrogates are not mandatory. Surrogates are used to denote
 the location of the token and are necessary for re-identification in free
 form text.

 In order for inspection to work properly, the name of this info type must
 not occur naturally anywhere in your data; otherwise, inspection may either

 - reverse a surrogate that does not correspond to an actual identifier
 - be unable to parse the surrogate and result in an error

 Therefore, choose your custom info type name carefully after considering
 what your data looks like. One way to select a name that has a high chance
 of yielding reliable detection is to include one or more unicode characters
 that are highly improbable to exist in your data.
 For example, assuming your data is entered from a regular ASCII keyboard,
 the symbol with the hex code point 29DD might be used like so:
 ⧝MY_TOKEN_TYPE.
        .google.privacy.dlp.v2.InfoType surrogate_info_type = 2;
        Returns:
        The surrogateInfoType.

      • getSurrogateInfoTypeOrBuilder

        InfoTypeOrBuilder getSurrogateInfoTypeOrBuilder()
         The custom info type to annotate the surrogate with.
 This annotation will be applied to the surrogate by prefixing it with
 the name of the custom info type followed by the number of
 characters comprising the surrogate. The following scheme defines the
 format: {info type name}({surrogate character count}):{surrogate}

 For example, if the name of custom info type is 'MY_TOKEN_INFO_TYPE' and
 the surrogate is 'abc', the full replacement value
 will be: 'MY_TOKEN_INFO_TYPE(3):abc'

 This annotation identifies the surrogate when inspecting content using the
 custom info type 'Surrogate'. This facilitates reversal of the
 surrogate when it occurs in free text.

 Note: For record transformations where the entire cell in a table is being
 transformed, surrogates are not mandatory. Surrogates are used to denote
 the location of the token and are necessary for re-identification in free
 form text.

 In order for inspection to work properly, the name of this info type must
 not occur naturally anywhere in your data; otherwise, inspection may either

 - reverse a surrogate that does not correspond to an actual identifier
 - be unable to parse the surrogate and result in an error

 Therefore, choose your custom info type name carefully after considering
 what your data looks like. One way to select a name that has a high chance
 of yielding reliable detection is to include one or more unicode characters
 that are highly improbable to exist in your data.
 For example, assuming your data is entered from a regular ASCII keyboard,
 the symbol with the hex code point 29DD might be used like so:
 ⧝MY_TOKEN_TYPE.
        .google.privacy.dlp.v2.InfoType surrogate_info_type = 2;

      • hasContext

        boolean hasContext()
         A context may be used for higher security and maintaining
 referential integrity such that the same identifier in two different
 contexts will be given a distinct surrogate. The context is appended to
 plaintext value being encrypted. On decryption the provided context is
 validated against the value used during encryption. If a context was
 provided during encryption, same context must be provided during decryption
 as well.

 If the context is not set, plaintext would be used as is for encryption.
 If the context is set but:

 1. there is no record present when transforming a given value or
 2. the field is not present when transforming a given value,

 plaintext would be used as is for encryption.

 Note that case (1) is expected when an `InfoTypeTransformation` is
 applied to both structured and unstructured `ContentItem`s.
        .google.privacy.dlp.v2.FieldId context = 3;
        Returns:
        Whether the context field is set.

      • getContext

        FieldId getContext()
         A context may be used for higher security and maintaining
 referential integrity such that the same identifier in two different
 contexts will be given a distinct surrogate. The context is appended to
 plaintext value being encrypted. On decryption the provided context is
 validated against the value used during encryption. If a context was
 provided during encryption, same context must be provided during decryption
 as well.

 If the context is not set, plaintext would be used as is for encryption.
 If the context is set but:

 1. there is no record present when transforming a given value or
 2. the field is not present when transforming a given value,

 plaintext would be used as is for encryption.

 Note that case (1) is expected when an `InfoTypeTransformation` is
 applied to both structured and unstructured `ContentItem`s.
        .google.privacy.dlp.v2.FieldId context = 3;
        Returns:
        The context.

      • getContextOrBuilder

        FieldIdOrBuilder getContextOrBuilder()
         A context may be used for higher security and maintaining
 referential integrity such that the same identifier in two different
 contexts will be given a distinct surrogate. The context is appended to
 plaintext value being encrypted. On decryption the provided context is
 validated against the value used during encryption. If a context was
 provided during encryption, same context must be provided during decryption
 as well.

 If the context is not set, plaintext would be used as is for encryption.
 If the context is set but:

 1. there is no record present when transforming a given value or
 2. the field is not present when transforming a given value,

 plaintext would be used as is for encryption.

 Note that case (1) is expected when an `InfoTypeTransformation` is
 applied to both structured and unstructured `ContentItem`s.
        .google.privacy.dlp.v2.FieldId context = 3;