Skip to contents

Wrap a pair of sodium keys for asymmetric encryption. You should pass your private key and the public key of the person that you are communicating with.

Usage

keypair_sodium(pub, key, authenticated = TRUE)

Arguments

pub

A sodium public key. This is either a raw vector of length 32 or a path to file containing the contents of the key (written by writeBin()).

key

A sodium private key. This is either a raw vector of length 32 or a path to file containing the contents of the key (written by writeBin()).

authenticated

Logical, indicating if authenticated encryption (via sodium::auth_encrypt() / sodium::auth_decrypt()) should be used. If FALSE then sodium::simple_encrypt() / sodium::simple_decrypt() will be used. The difference is that with authenticated = TRUE the message is signed with your private key so that tampering with the message will be detected.

Details

NOTE: the order here (pub, key) is very important; if the wrong order is used you cannot decrypt things. Unfortunately because sodium keys are just byte sequences there is nothing to distinguish the public and private keys so this is a pretty easy mistake to make.

See also

keypair_openssl() for a similar function using openssl keypairs

Examples


# Generate two keypairs, one for Alice, and one for Bob
key_alice <- sodium::keygen()
pub_alice <- sodium::pubkey(key_alice)
key_bob <- sodium::keygen()
pub_bob <- sodium::pubkey(key_bob)

# Alice wants to send Bob a message so she creates a key pair with
# her private key and bob's public key (she does not have bob's
# private key).
pair_alice <- cyphr::keypair_sodium(pub = pub_bob, key = key_alice)

# She can then encrypt a secret message:
secret <- cyphr::encrypt_string("hi bob", pair_alice)
secret
#>  [1] 71 09 82 75 9f 87 b6 cd 9e 7b 02 9e a0 b4 9c e2 5c 3f 2d 6f 93 5b f1 b1 c3
#> [26] b5 e1 ed f3 8b 57 3b 50 e8 60 66 7d 63 f9 fa 67 66 a8 45 6b 53

# Bob wants to read the message so he creates a key pair using
# Alice's public key and his private key:
pair_bob <- cyphr::keypair_sodium(pub = pub_alice, key = key_bob)

cyphr::decrypt_string(secret, pair_bob)
#> [1] "hi bob"