Skip to contents

Encrypt and decrypt raw data, objects, strings and files. The core functions here are encrypt_data and decrypt_data which take raw data and decrypt it, writing either to file or returning a raw vector. The other functions encrypt and decrypt arbitrary R objects (encrypt_object, decrypt_object), strings (encrypt_string, decrypt_string) and files (encrypt_file, decrypt_file).

Usage

encrypt_data(data, key, dest = NULL)

encrypt_object(object, key, dest = NULL, rds_version = NULL)

encrypt_string(string, key, dest = NULL)

encrypt_file(path, key, dest = NULL)

decrypt_data(data, key, dest = NULL)

decrypt_object(data, key)

decrypt_string(data, key)

decrypt_file(path, key, dest = NULL)

Arguments

data

(for encrypt_data, decrypt_data, decrypt_object, decrypt_string) a raw vector with the data to be encrypted or decrypted. For the decryption functions this must be data derived by encrypting something or you will get an error.

key

A cyphr_key object describing the encryption approach to use.

dest

The destination filename for the encrypted or decrypted data, or NULL to return a raw vector. This is not used by decrypt_object or decrypt_string which always return an object or string.

object

(for encrypt_object) an arbitrary R object to encrypt. It will be serialised to raw first (see serialize).

rds_version

RDS serialisation version to use (see serialize. The default in R version 3.3 and below is version 2 - in the R 3.4 series version 3 was introduced and is becoming the default. Version 3 format serialisation is not understood by older versions so if you need to exchange data with older R versions, you will need to use rds_version = 2. The default argument here (NULL) will ensure the same serialisation is used as R would use by default.

string

(for encrypt_string) a scalar character vector to encrypt. It will be converted to raw first with charToRaw.

path

(for encrypt_file) the name of a file to encrypt. It will first be read into R as binary (see readBin).

Examples

key <- key_sodium(sodium::keygen())
# Some super secret data we want to encrypt:
x <- runif(10)
# Convert the data into a raw vector:
data <- serialize(x, NULL)
data
#>   [1] 58 0a 00 00 00 03 00 04 02 00 00 03 05 00 00 00 00 05 55 54 46 2d 38 00 00
#>  [26] 00 0e 00 00 00 0a 3f e9 35 e1 93 a0 00 00 3f e3 a6 63 a7 40 00 00 3f d8 af
#>  [51] 8c 61 40 00 00 3f d4 d1 c6 0c 80 00 00 3f cc 5c 79 47 00 00 00 3f bd 54 ff
#>  [76] 9b 00 00 00 3f c3 93 b3 15 00 00 00 3f bd 87 0a dd 00 00 00 3f d6 d3 6f 01
#> [101] 80 00 00 3f 92 9a cd 20 00 00 00
# Encrypt the data; without the key above we will never be able to
# decrypt this.
data_enc <- encrypt_data(data, key)
data_enc
#>   [1] 20 9c 6f c4 b8 69 73 d5 cf 3f 94 d1 1e 94 51 4b e7 e6 87 de bf d3 dd c8 b6
#>  [26] 34 e6 4a 41 23 49 ba f0 9c 49 15 42 ad 0a 02 0c e2 f5 a1 cf 43 08 a6 1b 28
#>  [51] 28 9f 03 cf 4d dc 9f 18 56 43 c4 fc 76 e2 d5 55 a3 e1 2a bb 30 32 e0 c5 c5
#>  [76] a6 d1 1c 1b 44 5b af a7 82 de 38 1d 6e 92 15 1b 30 c1 71 89 85 3e 3e 55 50
#> [101] a3 1c ca 43 74 a3 f3 36 1b 42 03 07 3f 3d fa 20 f2 59 e3 59 bc 48 cf 1d f8
#> [126] 83 08 a8 02 8f 33 0c f6 fc f1 ab d2 3a e0 7b d0 cc 23 d3 cb 79 69 4b af 6f
#> [151] 80
# Our random numbers:
unserialize(decrypt_data(data_enc, key))
#>  [1] 0.78782729 0.61406119 0.38571462 0.32530357 0.22157207 0.11457822
#>  [7] 0.15294493 0.11534183 0.35665488 0.01816864
# Same as the never-encrypted version:
x
#>  [1] 0.78782729 0.61406119 0.38571462 0.32530357 0.22157207 0.11457822
#>  [7] 0.15294493 0.11534183 0.35665488 0.01816864

# This can be achieved more easily using `encrypt_object`:
data_enc <- encrypt_object(x, key)
identical(decrypt_object(data_enc, key), x)
#> [1] TRUE

# Encrypt strings easily:
str_enc <- encrypt_string("secret message", key)
str_enc
#>  [1] e5 77 bc fb 7e a0 27 d2 24 91 2a e1 16 73 f7 c4 e9 5b ba 6b 5f 8f 3e 56 26
#> [26] f1 ff 64 75 37 08 43 28 8f 88 22 bb 9d 5e ed 06 6d e6 19 8c 14 07 a4 9e e2
#> [51] 61 03 dc f9
decrypt_string(str_enc, key)
#> [1] "secret message"