Skip to contents

Wrap a pair of sodium keys for asymmetric encryption. You should pass your private key and the public key of the person that you are communicating with.

Usage

keypair_sodium(pub, key, authenticated = TRUE)

Arguments

pub

A sodium public key. This is either a raw vector of length 32 or a path to file containing the contents of the key (written by writeBin()).

key

A sodium private key. This is either a raw vector of length 32 or a path to file containing the contents of the key (written by writeBin()).

authenticated

Logical, indicating if authenticated encryption (via sodium::auth_encrypt() / sodium::auth_decrypt()) should be used. If FALSE then sodium::simple_encrypt() / sodium::simple_decrypt() will be used. The difference is that with authenticated = TRUE the message is signed with your private key so that tampering with the message will be detected.

Details

NOTE: the order here (pub, key) is very important; if the wrong order is used you cannot decrypt things. Unfortunately because sodium keys are just byte sequences there is nothing to distinguish the public and private keys so this is a pretty easy mistake to make.

See also

keypair_openssl() for a similar function using openssl keypairs

Examples


# Generate two keypairs, one for Alice, and one for Bob
key_alice <- sodium::keygen()
pub_alice <- sodium::pubkey(key_alice)
key_bob <- sodium::keygen()
pub_bob <- sodium::pubkey(key_bob)

# Alice wants to send Bob a message so she creates a key pair with
# her private key and bob's public key (she does not have bob's
# private key).
pair_alice <- cyphr::keypair_sodium(pub = pub_bob, key = key_alice)

# She can then encrypt a secret message:
secret <- cyphr::encrypt_string("hi bob", pair_alice)
secret
#>  [1] 0a 93 3a 82 1e bd 71 4f de 2c 2a b8 c3 41 dd 7a 94 3b 05 d0 fd d4 7a 5b fa
#> [26] 74 40 c5 e6 ee 69 b1 0d 24 b8 08 39 7f b7 7f 6b 98 d2 d2 9f 87

# Bob wants to read the message so he creates a key pair using
# Alice's public key and his private key:
pair_bob <- cyphr::keypair_sodium(pub = pub_alice, key = key_bob)

cyphr::decrypt_string(secret, pair_bob)
#> [1] "hi bob"