Skip to contents

Encrypt and decrypt raw data, objects, strings and files. The core functions here are encrypt_data and decrypt_data which take raw data and decrypt it, writing either to file or returning a raw vector. The other functions encrypt and decrypt arbitrary R objects (encrypt_object, decrypt_object), strings (encrypt_string, decrypt_string) and files (encrypt_file, decrypt_file).

Usage

encrypt_data(data, key, dest = NULL)

encrypt_object(object, key, dest = NULL, rds_version = NULL)

encrypt_string(string, key, dest = NULL)

encrypt_file(path, key, dest = NULL)

decrypt_data(data, key, dest = NULL)

decrypt_object(data, key)

decrypt_string(data, key)

decrypt_file(path, key, dest = NULL)

Arguments

data

(for encrypt_data, decrypt_data, decrypt_object, decrypt_string) a raw vector with the data to be encrypted or decrypted. For the decryption functions this must be data derived by encrypting something or you will get an error.

key

A cyphr_key object describing the encryption approach to use.

dest

The destination filename for the encrypted or decrypted data, or NULL to return a raw vector. This is not used by decrypt_object or decrypt_string which always return an object or string.

object

(for encrypt_object) an arbitrary R object to encrypt. It will be serialised to raw first (see serialize).

rds_version

RDS serialisation version to use (see serialize. The default in R version 3.3 and below is version 2 - in the R 3.4 series version 3 was introduced and is becoming the default. Version 3 format serialisation is not understood by older versions so if you need to exchange data with older R versions, you will need to use rds_version = 2. The default argument here (NULL) will ensure the same serialisation is used as R would use by default.

string

(for encrypt_string) a scalar character vector to encrypt. It will be converted to raw first with charToRaw.

path

(for encrypt_file) the name of a file to encrypt. It will first be read into R as binary (see readBin).

Examples

key <- key_sodium(sodium::keygen())
# Some super secret data we want to encrypt:
x <- runif(10)
# Convert the data into a raw vector:
data <- serialize(x, NULL)
data
#>   [1] 58 0a 00 00 00 03 00 04 04 01 00 03 05 00 00 00 00 05 55 54 46 2d 38 00 00
#>  [26] 00 0e 00 00 00 0a 3f b4 ac 0a 80 00 00 00 3f ea b2 db 32 a0 00 00 3f e3 39
#>  [51] 6e e4 e0 00 00 3f c4 1f 67 fd 80 00 00 3f 7e 4e e0 60 00 00 00 3f dd d9 64
#>  [76] 1c 80 00 00 3f df db 95 b1 40 00 00 3f d2 8b 8b e9 c0 00 00 3f e7 73 c4 ec
#> [101] c0 00 00 3f e8 b8 7f 08 40 00 00
# Encrypt the data; without the key above we will never be able to
# decrypt this.
data_enc <- encrypt_data(data, key)
data_enc
#>   [1] ad e1 ff 25 72 ea ab 1e 7c 10 4b 02 e4 ee 1e fe cf 03 24 41 30 50 5d c9 01
#>  [26] d5 23 84 d1 37 cc 71 2d 7a fe c9 42 1c 32 f0 b3 4a fe c8 61 5f 76 13 cb 3d
#>  [51] 42 ce 84 33 fb 6b 11 18 de be 50 eb f3 fd 91 2f d2 95 be a9 99 b7 eb 82 8c
#>  [76] b8 6f bc 4d 62 71 3f 71 8c 97 bf cc e1 94 41 ac 19 7c 5b 16 51 f0 93 09 a5
#> [101] 2e ac 80 ca 1a fc e0 3a ae eb 4d 67 7b f8 1c c8 8e be 18 05 87 1e 83 f8 d2
#> [126] f8 5e fe cd 36 71 63 b5 77 93 0e 81 4c f3 60 00 47 1f 37 cc 32 b2 d4 ad 8f
#> [151] 98
# Our random numbers:
unserialize(decrypt_data(data_enc, key))
#>  [1] 0.080750138 0.834333037 0.600760886 0.157208442 0.007399441 0.466393497
#>  [7] 0.497777389 0.289767245 0.732881987 0.772521511
# Same as the never-encrypted version:
x
#>  [1] 0.080750138 0.834333037 0.600760886 0.157208442 0.007399441 0.466393497
#>  [7] 0.497777389 0.289767245 0.732881987 0.772521511

# This can be achieved more easily using `encrypt_object`:
data_enc <- encrypt_object(x, key)
identical(decrypt_object(data_enc, key), x)
#> [1] TRUE

# Encrypt strings easily:
str_enc <- encrypt_string("secret message", key)
str_enc
#>  [1] 1b c5 c4 74 b3 2e 11 bc 12 b4 33 c1 db 39 29 9a 94 67 2b 1a 68 1a f9 ca 2a
#> [26] a1 13 87 ac e0 55 5c b0 3c 27 16 39 12 6f 4b c7 cc 02 e8 6f 83 fe 06 a0 2d
#> [51] 92 b0 16 14
decrypt_string(str_enc, key)
#> [1] "secret message"