encrypt_envelope

Envelope encryption


Description

An envelope contains ciphertext along with an encrypted session key and optionally an initialization vector (IV). The encrypt_envelope function generates a random IV and session key, which are used to encrypt the data with an AES stream cipher. The session key itself is encrypted using the given RSA key (see rsa_encrypt) and stored or sent along with the encrypted data. Each of these outputs is required to decrypt the data with the corresponding private key.

Usage

encrypt_envelope(data, pubkey = my_pubkey())

decrypt_envelope(data, iv, session, key = my_key(), password)

Arguments

data

raw data vector or file path for message to be signed. If hash == NULL then data must be a hash string or raw vector.

pubkey

public key or file path. See read_pubkey.

iv

16 byte raw vector returned by encrypt_envelope.

session

raw vector with encrypted session key as returned by encrypt_envelope.

key

private key or file path. See read_key.

password

string or a function to read protected keys. See read_key.

Examples

library(openssl)

# Requires RSA key
key <- rsa_keygen()
pubkey <- key$pubkey
msg <- serialize(iris, NULL)

# Encrypt
out <- encrypt_envelope(msg, pubkey)
str(out)

# Decrypt
orig <- decrypt_envelope(out$data, out$iv, out$session, key)
stopifnot(identical(msg, orig))
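
The following is an added example, not part of the package documentation. It stores the whole envelope in a file, then decrypts it with a password-protected private key read from a file path, as the key and password arguments allow. The temporary file paths, the sample password and the sample message are constructed for illustration.

```r
library(openssl)

# Recipient: create an RSA key pair. The private key is written to a
# password-protected PEM file; the public key can be shared freely.
key <- rsa_keygen()
key_file <- tempfile(fileext = ".pem")
pub_file <- tempfile(fileext = ".pem")
write_pem(key, key_file, password = "constructed-sample-password")
write_pem(key$pubkey, pub_file)

# Sender: encrypt to the recipient's public key file. All three parts
# (iv, session, data) are saved together, since each is needed later.
msg <- charToRaw("constructed sample message")
envelope <- encrypt_envelope(msg, pub_file)
stopifnot(identical(names(envelope), c("iv", "session", "data")))
stopifnot(length(envelope$iv) == 16)
env_file <- tempfile(fileext = ".rds")
saveRDS(envelope, env_file)

# Recipient: load the envelope and decrypt with the protected key file.
received <- readRDS(env_file)
plain <- decrypt_envelope(received$data, received$iv, received$session,
                          key = key_file,
                          password = "constructed-sample-password")
stopifnot(identical(plain, msg))

# A different private key cannot unwrap the session key, so the message
# is not recovered (the call errors or returns unrelated bytes).
other <- rsa_keygen()
res <- tryCatch(
  decrypt_envelope(received$data, received$iv, received$session, key = other),
  error = function(e) NULL
)
stopifnot(!identical(res, msg))

# Clean up the temporary files.
unlink(c(key_file, pub_file, env_file))
```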

openssl

Toolkit for Encryption, Signatures and Certificates Based on OpenSSL

v1.4.4
MIT + file LICENSE
Authors
Jeroen Ooms [aut, cre] (<https://orcid.org/0000-0002-4035-0289>), Oliver Keyes [ctb]
Initial release
