rsa_encrypt: Low-level RSA encryption

View source: R/rsa.R

rsa_encryptR Documentation

Low-level RSA encryption


Asymmetric encryption and decryption with RSA. Because RSA can only encrypt messages smaller than the size of the key, it is typically used only for exchanging a random session-key. This session key is used to encipher arbitrary sized data via a stream cipher such as aes_cbc. See encrypt_envelope or pkcs7_encrypt for a high-level wrappers combining RSA and AES in this way.


rsa_encrypt(data, pubkey = my_pubkey())

rsa_decrypt(data, key = my_key(), password = askpass)



raw vector of max 245 bytes (for 2048 bit keys) with data to encrypt/decrypt


public key or file path. See read_pubkey().


private key or file path. See read_key().


string or a function to read protected keys. See read_key().


# Generate test keys
key <- rsa_keygen()
pubkey <- key$pubkey

# Encrypt data with AES
tempkey <- rand_bytes(32)
iv <- rand_bytes(16)
blob <- aes_cbc_encrypt(system.file("CITATION"), tempkey, iv = iv)

# Encrypt tempkey using receivers public RSA key
ciphertext <- rsa_encrypt(tempkey, pubkey)

# Receiver decrypts tempkey from private RSA key
tempkey <- rsa_decrypt(ciphertext, key)
message <- aes_cbc_decrypt(blob, tempkey, iv)
out <- rawToChar(message)

openssl documentation built on Sept. 26, 2023, 1:09 a.m.