Rehydration is the process of replacing placeholder tags with original values.
rehydrate()
Replaces PII placeholders with original values.
Signature
function rehydrate(
text: string,
piiMap: Map<string, string>
): string
Parameters
Text containing PII placeholder tags
piiMap
Map<string, string>
required
Decrypted PII map from decryptPIIMap()
Returns
Text with placeholders replaced by original values.
Example
import { rehydrate, decryptPIIMap } from 'rehydra';
// After anonymization and translation
const translated = 'Hallo <PII type="PERSON" id="1"/> von <PII type="ORG" id="1"/>!';
// Decrypt the PII map
const key = await keyProvider.getKey();
const piiMap = await decryptPIIMap(result.piiMap, key);
// Map { 'PERSON:1' => 'John Smith', 'ORG:1' => 'Acme Corp' }
// Rehydrate
const original = rehydrate(translated, piiMap);
// "Hallo John Smith von Acme Corp!"
decryptPIIMap()
Decrypts the encrypted PII map from an anonymization result.
Signature
function decryptPIIMap(
encryptedMap: EncryptedPIIMap,
key: Uint8Array
): Promise<Map<string, string>>
Parameters
The encrypted PII map from result.piiMapinterface EncryptedPIIMap {
ciphertext: string; // Base64
iv: string; // Base64
authTag: string; // Base64
}
The encryption key (same key used during anonymization)
Returns
A Map<string, string> where:
- Key:
"TYPE:id" (e.g., "EMAIL:1", "PERSON:2")
- Value: Original PII value
Example
import { decryptPIIMap, InMemoryKeyProvider } from 'rehydra';
const keyProvider = new InMemoryKeyProvider();
// During anonymization
const anonymizer = createAnonymizer({ keyProvider });
const result = await anonymizer.anonymize('Email: [email protected]');
// Later, to rehydrate
const key = await keyProvider.getKey();
const piiMap = await decryptPIIMap(result.piiMap, key);
console.log(piiMap.get('EMAIL:1')); // "[email protected]"
Complete Workflow
import {
createAnonymizer,
decryptPIIMap,
rehydrate,
InMemoryKeyProvider
} from 'rehydra';
// 1. Setup
const keyProvider = new InMemoryKeyProvider();
const anonymizer = createAnonymizer({
ner: { mode: 'quantized' },
keyProvider
});
await anonymizer.initialize();
// 2. Anonymize
const result = await anonymizer.anonymize(
'Contact John Smith at [email protected]'
);
console.log(result.anonymizedText);
// "Contact <PII type="PERSON" id="1"/> at <PII type="EMAIL" id="1"/>"
// 3. Process (e.g., translate)
const translated = await translate(result.anonymizedText);
// "Kontaktieren Sie <PII type="PERSON" id="1"/> unter <PII type="EMAIL" id="1"/>"
// 4. Decrypt PII map
const key = await keyProvider.getKey();
const piiMap = await decryptPIIMap(result.piiMap, key);
// 5. Rehydrate
const final = rehydrate(translated, piiMap);
console.log(final);
// "Kontaktieren Sie John Smith unter [email protected]"
// 6. Cleanup
await anonymizer.dispose();
Session-Based Rehydration
When using sessions, rehydration is simplified:
const session = anonymizer.session('chat-123');
// Anonymize (auto-saves PII map)
const result = await session.anonymize('Hello John Smith!');
// Rehydrate (auto-loads and decrypts)
const original = await session.rehydrate(result.anonymizedText);
Rehydrate expects placeholders in this format:
<PII type="TYPE" id="N"/>
<PII type="TYPE" id="N" gender="..."/>
<PII type="TYPE" id="N" scope="..."/>
type and id attributes.
const text = 'Hello <PII type="PERSON" id="1"/> and <BROKEN/>';
const result = rehydrate(text, piiMap);
// "Hello John Smith and <BROKEN/>"
// Unmatched tags are preserved
Error Handling
Missing Key
try {
const piiMap = await decryptPIIMap(result.piiMap, wrongKey);
} catch (error) {
// "Decryption failed: invalid key or corrupted data"
}
Missing PII Entry
const piiMap = new Map([['EMAIL:1', '[email protected]']]);
const text = '<PII type="PERSON" id="1"/>'; // Not in map
const result = rehydrate(text, piiMap);
// "<PII type="PERSON" id="1"/>" // Unchanged (no match)
- Encryption - How PII maps are encrypted
- Sessions - Simplified rehydration with sessions
- Crypto - Key management utilities
