Skip to contents

Encrypt and decrypt raw data, objects, strings and files. The core functions here are encrypt_data and decrypt_data which take raw data and decrypt it, writing either to file or returning a raw vector. The other functions encrypt and decrypt arbitrary R objects (encrypt_object, decrypt_object), strings (encrypt_string, decrypt_string) and files (encrypt_file, decrypt_file).

Usage

encrypt_data(data, key, dest = NULL)

encrypt_object(object, key, dest = NULL, rds_version = NULL)

encrypt_string(string, key, dest = NULL)

encrypt_file(path, key, dest = NULL)

decrypt_data(data, key, dest = NULL)

decrypt_object(data, key)

decrypt_string(data, key)

decrypt_file(path, key, dest = NULL)

Arguments

data

(for encrypt_data, decrypt_data, decrypt_object, decrypt_string) a raw vector with the data to be encrypted or decrypted. For the decryption functions this must be data derived by encrypting something or you will get an error.

key

A cyphr_key object describing the encryption approach to use.

dest

The destination filename for the encrypted or decrypted data, or NULL to return a raw vector. This is not used by decrypt_object or decrypt_string which always return an object or string.

object

(for encrypt_object) an arbitrary R object to encrypt. It will be serialised to raw first (see serialize).

rds_version

RDS serialisation version to use (see serialize. The default in R version 3.3 and below is version 2 - in the R 3.4 series version 3 was introduced and is becoming the default. Version 3 format serialisation is not understood by older versions so if you need to exchange data with older R versions, you will need to use rds_version = 2. The default argument here (NULL) will ensure the same serialisation is used as R would use by default.

string

(for encrypt_string) a scalar character vector to encrypt. It will be converted to raw first with charToRaw.

path

(for encrypt_file) the name of a file to encrypt. It will first be read into R as binary (see readBin).

Examples

key <- key_sodium(sodium::keygen())
# Some super secret data we want to encrypt:
x <- runif(10)
# Convert the data into a raw vector:
data <- serialize(x, NULL)
data
#>   [1] 58 0a 00 00 00 03 00 04 05 00 00 03 05 00 00 00 00 05 55 54 46 2d 38 00 00
#>  [26] 00 0e 00 00 00 0a 3f e7 73 c4 ec c0 00 00 3f e8 b8 7f 08 40 00 00 3f eb fc
#>  [51] ba 86 60 00 00 3f c6 64 74 57 80 00 00 3f a1 88 14 78 00 00 00 3f d4 81 33
#>  [76] 27 00 00 00 3f d9 bf be f0 80 00 00 3f c9 0b b5 8a 80 00 00 3f d9 d3 91 8a
#> [101] 40 00 00 3f b0 4c 1e 05 00 00 00
# Encrypt the data; without the key above we will never be able to
# decrypt this.
data_enc <- encrypt_data(data, key)
data_enc
#>   [1] 61 f8 3a 75 73 dc e3 ab f7 08 d9 cf 9f ca 9c a1 af e7 01 a0 c9 82 c0 87 3b
#>  [26] 93 79 0b 7e 91 f6 7c f6 86 1b fd ec 99 3b 3b 01 25 80 28 60 40 d3 3f a5 b9
#>  [51] 01 9b b9 8b ac 36 0a 01 57 54 79 4e b7 e3 21 13 ff 9f c9 60 22 cf 0d 8d 85
#>  [76] b3 d8 1f 09 62 cf 31 7e 67 d4 b9 53 de 24 ea 1b cf ea 4c e5 2f 5d 6b 94 59
#> [101] 37 a2 42 f1 b6 20 e6 70 61 6a 69 7d 8e e2 76 79 80 d4 92 a7 9c 6c 00 c2 0f
#> [126] 9c 9b 9f 93 58 ea e8 6e e1 c0 81 cf 60 0c f1 23 44 a0 9e 9f c0 71 a4 0f b7
#> [151] d1
# Our random numbers:
unserialize(decrypt_data(data_enc, key))
#>  [1] 0.73288199 0.77252151 0.87460066 0.17494063 0.03424133 0.32038573
#>  [7] 0.40232824 0.19566983 0.40353812 0.06366146
# Same as the never-encrypted version:
x
#>  [1] 0.73288199 0.77252151 0.87460066 0.17494063 0.03424133 0.32038573
#>  [7] 0.40232824 0.19566983 0.40353812 0.06366146

# This can be achieved more easily using `encrypt_object`:
data_enc <- encrypt_object(x, key)
identical(decrypt_object(data_enc, key), x)
#> [1] TRUE

# Encrypt strings easily:
str_enc <- encrypt_string("secret message", key)
str_enc
#>  [1] 3e 21 74 bb 8a 5e c2 13 ea 93 20 76 e4 c0 b5 62 e5 df 47 9c 55 fc 0f df de
#> [26] f5 2c 9e 56 46 68 b2 f9 dd 4f 92 80 53 ea 6c f2 d0 32 46 56 5b c5 14 80 90
#> [51] 27 70 9c 8e
decrypt_string(str_enc, key)
#> [1] "secret message"