Constructor.
Domain.
Tweak.
Get the tweak.
Get the domain.
Static
getGet a transformer, constructing it if necessary. The type returned is IdentityTransformer if tweak is undefined, EncryptionTransformer if tweak is defined. Note that although an EncryptionTransformer with a zero tweak operates as an IdentityTransformer, EncryptionTransformer is still the type returned if a zero tweak is explicitly specified.
Domain.
Optional
tweak: number | bigintTweak.
IdentityTransformer if tweak is undefined, EncryptionTransformer if tweak is defined.
Protected
doProtected
doTransform a value forward.
Value.
Transformed value.
Transform a value forward.
Value.
Called after the value is transformed to convert it to its final value.
Value transformed into object.
Transform values forward.
Transformed values.
Transform values forward.
Values. If this is an instance of Sequencer, the minimum and maximum values are validated prior to transformation. Otherwise, the individual values are validated at the time of transformation.
Called after each value is transformed to convert it to its final value.
Values transformed into objects.
Transform a value or values forward. This signature exists to allow similar overloaded methods in other classes to call this method correctly.
Transform a value or values forward. This signature exists to allow similar overloaded methods in other classes to call this method correctly.
Encryption transformer. Values are transformed using repeated shuffle and xor operations. The underlying operations are similar to those found in many cryptography algorithms, particularly AES. While sufficient for obfuscation of numeric sequences (e.g., serial number generation, below), if true format-preserving encryption is required, a more robust algorithm such as FF1 is recommended.
The purpose of the encryption transformer is to generate pseudo-random values in a deterministic manner to obscure the sequence of values generated over time. A typical example is for serial number generation, where knowledge of the sequence can infer production volumes (e.g., serial number 1000 implies that at least 1,000 units have been manufactured) or can be used in counterfeiting (e.g., a counterfeiter can generate serial numbers 1001, 1002, ... with reasonable confidence that they would be valid if queried).
The domain and the tweak together determine the encryption key, which in turn determines the number of rounds of shuffle and xor operations. The minimum number of rounds is 4, except where the domain is less than or equal to 256, which results in single-byte operations. To ensure that the operations are effective for single-byte domains, the number of rounds is 1 and only the xor operation is applied (shuffling a single byte is an identity operation).
Another exception is when there is a tweak value of 0; this results in identity operations where the output value is identical to the input value, as no shuffle or xor takes place.