Skip to contents

Wrap a pair of sodium keys for asymmetric encryption. You should pass your private key and the public key of the person that you are communicating with.

Usage

keypair_sodium(pub, key, authenticated = TRUE)

Arguments

pub

A sodium public key. This is either a raw vector of length 32 or a path to file containing the contents of the key (written by writeBin()).

key

A sodium private key. This is either a raw vector of length 32 or a path to file containing the contents of the key (written by writeBin()).

authenticated

Logical, indicating if authenticated encryption (via sodium::auth_encrypt() / sodium::auth_decrypt()) should be used. If FALSE then sodium::simple_encrypt() / sodium::simple_decrypt() will be used. The difference is that with authenticated = TRUE the message is signed with your private key so that tampering with the message will be detected.

Details

NOTE: the order here (pub, key) is very important; if the wrong order is used you cannot decrypt things. Unfortunately because sodium keys are just byte sequences there is nothing to distinguish the public and private keys so this is a pretty easy mistake to make.

See also

keypair_openssl() for a similar function using openssl keypairs

Examples


# Generate two keypairs, one for Alice, and one for Bob
key_alice <- sodium::keygen()
pub_alice <- sodium::pubkey(key_alice)
key_bob <- sodium::keygen()
pub_bob <- sodium::pubkey(key_bob)

# Alice wants to send Bob a message so she creates a key pair with
# her private key and bob's public key (she does not have bob's
# private key).
pair_alice <- cyphr::keypair_sodium(pub = pub_bob, key = key_alice)

# She can then encrypt a secret message:
secret <- cyphr::encrypt_string("hi bob", pair_alice)
secret
#>  [1] 5e 3f 28 35 59 4d 75 25 77 f2 f0 16 af 73 fe 45 ff 70 39 d7 e5 12 80 77 7b
#> [26] aa 01 3e f4 03 b6 71 87 01 6a 8d 34 3f 63 bd 8f dd b8 27 5a 09

# Bob wants to read the message so he creates a key pair using
# Alice's public key and his private key:
pair_bob <- cyphr::keypair_sodium(pub = pub_alice, key = key_bob)

cyphr::decrypt_string(secret, pair_bob)
#> [1] "hi bob"