PKI.crypt: PKI encryption/decryption functions
In PKI: Public Key Infrastucture for R Based on the X.509 Standard
PKI.crypt R Documentation
PKI encryption/decryption functions
Description
PKI.encrypt encrypts a raw vector
PKI.decrypt decrypts a raw vector
Usage
PKI.encrypt(what, key, cipher = NULL, iv = NULL)
PKI.decrypt(what, key, cipher = NULL, iv = NULL)
Arguments
what
raw vector to encrypt/decrypt. It must not exceed the key
size minus padding
key
key to use for encryption/decryption
cipher
cipher to use for encryption/decryption
iv
initialization vector for ciphers that use it (e.g.,
CBC). NULL corresponds to all-zeroes IV, otherwise must be
either a string or a raw vector with sufficiently many bytes to
match the IV length for the cipher.
Value
Raw vector (encrypted/decrypted)
Note
The cipher is optional for key objects that already contain the
cipher information such as RSA keys (in fact it is ignored in that
case).
Supported symmetric ciphers are AES-128, AES-256 and BF
(blowfish). Each cipher can be used in CBC (default), ECB or OFB
modes which are specified as suffix, so "aes256ofb" would
specify AES-256 in OFB mode. Case and non-alphanumeric characters are
ignored, so the same could be specified as "AES-256-OFB".
PKCS padding is used to fill up to the block size. Analogously, PKCS
padding is expected when decoding.
Note that the payload for RSA encryption should be very small since
it must fit into the key size including padding. For example, 1024-bit
key can only encrypt 87 bytes, while 2048-bit key can encrypt 215
bytes. Therefore a typical use is to use RSA to transfer a symmeric
key to the peer and subsequently use symmetric ciphers like AES for
encryption of larger amounts of data.
Author(s)
Simon Urbanek
See Also
PKI.genRSAkey, PKI.pubkey
Examples
key <- PKI.genRSAkey(2048)
x <- charToRaw("Hello, world!")
e <- PKI.encrypt(x, key)
y <- PKI.decrypt(e, key)
stopifnot(identical(x, y))
print(rawToChar(y))
## AES symmetric - use SHA256 to support arbitrarily long key strings
key <- PKI.digest(charToRaw("hello"), "SHA256")
ae <- PKI.encrypt(x, key, "aes256")
ae
ad <- PKI.decrypt(ae, key, "aes256")
stopifnot(identical(x, ad))
PKI documentation built on Nov. 28, 2022, 9:05 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
| PKI.crypt | R Documentation |
PKI encryption/decryption functions
Description
PKI.encrypt encrypts a raw vector
PKI.decrypt decrypts a raw vector
Usage
PKI.encrypt(what, key, cipher = NULL, iv = NULL) PKI.decrypt(what, key, cipher = NULL, iv = NULL)
Arguments
what |
raw vector to encrypt/decrypt. It must not exceed the key size minus padding |
key |
key to use for encryption/decryption |
cipher |
cipher to use for encryption/decryption |
iv |
initialization vector for ciphers that use it (e.g.,
CBC). |
Value
Raw vector (encrypted/decrypted)
Note
The cipher is optional for key objects that already contain the cipher information such as RSA keys (in fact it is ignored in that case).
Supported symmetric ciphers are AES-128, AES-256 and BF
(blowfish). Each cipher can be used in CBC (default), ECB or OFB
modes which are specified as suffix, so "aes256ofb" would
specify AES-256 in OFB mode. Case and non-alphanumeric characters are
ignored, so the same could be specified as "AES-256-OFB".
PKCS padding is used to fill up to the block size. Analogously, PKCS
padding is expected when decoding.
Note that the payload for RSA encryption should be very small since it must fit into the key size including padding. For example, 1024-bit key can only encrypt 87 bytes, while 2048-bit key can encrypt 215 bytes. Therefore a typical use is to use RSA to transfer a symmeric key to the peer and subsequently use symmetric ciphers like AES for encryption of larger amounts of data.
Author(s)
Simon Urbanek
See Also
PKI.genRSAkey, PKI.pubkey
Examples
key <- PKI.genRSAkey(2048)
x <- charToRaw("Hello, world!")
e <- PKI.encrypt(x, key)
y <- PKI.decrypt(e, key)
stopifnot(identical(x, y))
print(rawToChar(y))
## AES symmetric - use SHA256 to support arbitrarily long key strings
key <- PKI.digest(charToRaw("hello"), "SHA256")
ae <- PKI.encrypt(x, key, "aes256")
ae
ad <- PKI.decrypt(ae, key, "aes256")
stopifnot(identical(x, ad))
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.