Skip to contents

Encrypt and decrypt raw data, objects, strings and files. The core functions here are encrypt_data and decrypt_data which take raw data and decrypt it, writing either to file or returning a raw vector. The other functions encrypt and decrypt arbitrary R objects (encrypt_object, decrypt_object), strings (encrypt_string, decrypt_string) and files (encrypt_file, decrypt_file).

Usage

encrypt_data(data, key, dest = NULL)

encrypt_object(object, key, dest = NULL, rds_version = NULL)

encrypt_string(string, key, dest = NULL)

encrypt_file(path, key, dest = NULL)

decrypt_data(data, key, dest = NULL)

decrypt_object(data, key)

decrypt_string(data, key)

decrypt_file(path, key, dest = NULL)

Arguments

data

(for encrypt_data, decrypt_data, decrypt_object, decrypt_string) a raw vector with the data to be encrypted or decrypted. For the decryption functions this must be data derived by encrypting something or you will get an error.

key

A cyphr_key object describing the encryption approach to use.

dest

The destination filename for the encrypted or decrypted data, or NULL to return a raw vector. This is not used by decrypt_object or decrypt_string which always return an object or string.

object

(for encrypt_object) an arbitrary R object to encrypt. It will be serialised to raw first (see serialize).

rds_version

RDS serialisation version to use (see serialize. The default in R version 3.3 and below is version 2 - in the R 3.4 series version 3 was introduced and is becoming the default. Version 3 format serialisation is not understood by older versions so if you need to exchange data with older R versions, you will need to use rds_version = 2. The default argument here (NULL) will ensure the same serialisation is used as R would use by default.

string

(for encrypt_string) a scalar character vector to encrypt. It will be converted to raw first with charToRaw.

path

(for encrypt_file) the name of a file to encrypt. It will first be read into R as binary (see readBin).

Examples

key <- key_sodium(sodium::keygen())
# Some super secret data we want to encrypt:
x <- runif(10)
# Convert the data into a raw vector:
data <- serialize(x, NULL)
data
#>   [1] 58 0a 00 00 00 03 00 04 01 02 00 03 05 00 00 00 00 05 55 54 46 2d 38 00 00
#>  [26] 00 0e 00 00 00 0a 3f d9 0e da 9b 80 00 00 3f e7 6c 1f 1f 00 00 00 3f e9 da
#>  [51] 77 aa 40 00 00 3f e1 95 f3 cc 40 00 00 3f ee fb 56 f4 00 00 00 3f dd 36 1c
#>  [76] 6d 80 00 00 3f b7 94 41 d4 00 00 00 3f ce 97 ce c2 00 00 00 3f e6 eb 36 4e
#> [101] e0 00 00 3f d2 e3 e3 42 80 00 00
# Encrypt the data; without the key above we will never be able to
# decrypt this.
data_enc <- encrypt_data(data, key)
data_enc
#>   [1] 1a 45 ac cc 2f 1f 9b d4 61 23 5d e8 7b 12 0c 2e 83 60 0e 6f a8 93 bc 04 5f
#>  [26] fe 4d c5 4b 08 83 1f 93 0f 45 28 87 11 04 9d bc 93 7a d7 9a 5e 8e 97 f0 b9
#>  [51] f9 02 5c 2c f4 6b 54 a1 de 6b b5 57 41 e6 16 62 da 38 76 17 4a 20 fd 1b 87
#>  [76] 41 86 19 0c 50 4e cb 11 c7 42 f6 f5 5f 51 00 d7 98 42 02 00 33 9d 03 02 00
#> [101] e5 3d 54 16 2c 5d 79 29 89 35 c3 66 15 85 3e 21 d5 f5 04 33 4e 54 31 f8 59
#> [126] 1b b9 d0 94 ad 71 9b e0 b0 36 95 db 7e 94 09 4b a7 43 5b 5a aa cc 79 6a c7
#> [151] fe
# Our random numbers:
unserialize(decrypt_data(data_enc, key))
#>  [1] 0.39153161 0.73194843 0.80791839 0.54955473 0.96818111 0.45642768
#>  [7] 0.09210597 0.23900780 0.71621242 0.29515916
# Same as the never-encrypted version:
x
#>  [1] 0.39153161 0.73194843 0.80791839 0.54955473 0.96818111 0.45642768
#>  [7] 0.09210597 0.23900780 0.71621242 0.29515916

# This can be achieved more easily using `encrypt_object`:
data_enc <- encrypt_object(x, key)
identical(decrypt_object(data_enc, key), x)
#> [1] TRUE

# Encrypt strings easily:
str_enc <- encrypt_string("secret message", key)
str_enc
#>  [1] ae f5 cd 2e 4d 21 19 7d ed 77 16 99 82 1e 17 6b ac bf a7 ba b8 2a 40 9a 6f
#> [26] 7a a7 af a4 df 05 1a 15 be d7 4d aa 59 7f c5 4f 2a 58 a5 5b 94 99 8b ab 59
#> [51] 0b ce dd c3
decrypt_string(str_enc, key)
#> [1] "secret message"