Skip to contents

Encrypt and decrypt raw data, objects, strings and files. The core functions here are encrypt_data and decrypt_data which take raw data and decrypt it, writing either to file or returning a raw vector. The other functions encrypt and decrypt arbitrary R objects (encrypt_object, decrypt_object), strings (encrypt_string, decrypt_string) and files (encrypt_file, decrypt_file).

Usage

encrypt_data(data, key, dest = NULL)

encrypt_object(object, key, dest = NULL, rds_version = NULL)

encrypt_string(string, key, dest = NULL)

encrypt_file(path, key, dest = NULL)

decrypt_data(data, key, dest = NULL)

decrypt_object(data, key)

decrypt_string(data, key)

decrypt_file(path, key, dest = NULL)

Arguments

data

(for encrypt_data, decrypt_data, decrypt_object, decrypt_string) a raw vector with the data to be encrypted or decrypted. For the decryption functions this must be data derived by encrypting something or you will get an error.

key

A cyphr_key object describing the encryption approach to use.

dest

The destination filename for the encrypted or decrypted data, or NULL to return a raw vector. This is not used by decrypt_object or decrypt_string which always return an object or string.

object

(for encrypt_object) an arbitrary R object to encrypt. It will be serialised to raw first (see serialize).

rds_version

RDS serialisation version to use (see serialize. The default in R version 3.3 and below is version 2 - in the R 3.4 series version 3 was introduced and is becoming the default. Version 3 format serialisation is not understood by older versions so if you need to exchange data with older R versions, you will need to use rds_version = 2. The default argument here (NULL) will ensure the same serialisation is used as R would use by default.

string

(for encrypt_string) a scalar character vector to encrypt. It will be converted to raw first with charToRaw.

path

(for encrypt_file) the name of a file to encrypt. It will first be read into R as binary (see readBin).

Examples

key <- key_sodium(sodium::keygen())
# Some super secret data we want to encrypt:
x <- runif(10)
# Convert the data into a raw vector:
data <- serialize(x, NULL)
data
#>   [1] 58 0a 00 00 00 03 00 04 02 02 00 03 05 00 00 00 00 05 55 54 46 2d 38 00 00
#>  [26] 00 0e 00 00 00 0a 3f b4 ec fc 06 00 00 00 3f cf 91 0c 49 80 00 00 3f e6 40
#>  [51] fa d6 40 00 00 3f ea 4f 01 ed a0 00 00 3f cb c0 8f 9d 00 00 00 3f e8 1d 3f
#>  [76] 3e 40 00 00 3f 98 7b f4 64 00 00 00 3f e0 14 5e 36 a0 00 00 3f c4 99 47 9c
#> [101] 80 00 00 3f ec 63 ad 59 c0 00 00
# Encrypt the data; without the key above we will never be able to
# decrypt this.
data_enc <- encrypt_data(data, key)
data_enc
#>   [1] a6 74 ee f5 18 17 1b 21 b4 89 ca 03 66 93 3f 39 60 cd 6c bf d1 5b ac 68 7d
#>  [26] bb 78 44 5b 4a 90 6d 3b 54 ea 0b 84 f5 70 95 23 ed d1 ef 9d 57 9a 8d a0 c8
#>  [51] 7f 7e cb e8 b8 81 fe f0 9f ac 5a 1e ed bd 1a 40 c8 58 3f fa be 3f af 3c 34
#>  [76] 56 df e2 c4 06 58 59 bd ca f1 7c 3c 51 07 ad 66 e1 b6 77 89 0b 9a f8 7a 2e
#> [101] 81 00 93 45 28 fe c6 16 b5 a9 3f 38 77 d4 fd 51 f4 9d 4a 82 31 38 d5 d4 a3
#> [126] 7d 24 cb db c7 9d 13 1a 8f 4e f2 b8 43 0e b3 c3 23 66 88 cc cf 42 f6 cc f0
#> [151] 79
# Our random numbers:
unserialize(decrypt_data(data_enc, key))
#>  [1] 0.08174110 0.24661401 0.69543211 0.82214447 0.21681400 0.75357020
#>  [7] 0.02391035 0.50248633 0.16092773 0.88716762
# Same as the never-encrypted version:
x
#>  [1] 0.08174110 0.24661401 0.69543211 0.82214447 0.21681400 0.75357020
#>  [7] 0.02391035 0.50248633 0.16092773 0.88716762

# This can be achieved more easily using `encrypt_object`:
data_enc <- encrypt_object(x, key)
identical(decrypt_object(data_enc, key), x)
#> [1] TRUE

# Encrypt strings easily:
str_enc <- encrypt_string("secret message", key)
str_enc
#>  [1] 84 53 11 b1 10 59 24 cf c2 0c ab 32 9a 62 95 ad dc 80 f0 b6 4b 20 38 30 e6
#> [26] b3 45 28 ce 74 53 9d 70 01 8e 3d ed d2 0f 51 5d 9e c0 fc ca 91 ae 6d 1b 47
#> [51] 1a 35 6b d1
decrypt_string(str_enc, key)
#> [1] "secret message"