aes_cbc {openssl}R Documentation

Symmetric AES encryption

Description

Low-level symmetric encryption/decryption using the AES block cipher in CBC mode. The key is a raw vector, for example a hash of some secret. When no shared secret is available, a random key can be used which is exchanged via an asymmetric protocol such as RSA. See rsa_encrypt() for a worked example or encrypt_envelope() for a high-level wrapper combining AES and RSA.

Usage

aes_ctr_encrypt(data, key, iv = rand_bytes(16))

aes_ctr_decrypt(data, key, iv = attr(data, "iv"))

aes_cbc_encrypt(data, key, iv = rand_bytes(16))

aes_cbc_decrypt(data, key, iv = attr(data, "iv"))

aes_gcm_encrypt(data, key, iv = rand_bytes(12))

aes_gcm_decrypt(data, key, iv = attr(data, "iv"))

aes_keygen(length = 16)

Arguments

data

raw vector or path to file with data to encrypt or decrypt

key

raw vector of length 16, 24 or 32, e.g. the hash of a shared secret

iv

raw vector of length 16 (aes block size) or NULL. The initialization vector is not secret but should be random

length

how many bytes to generate. Usually 16 (128-bit) or 12 (92-bit) for aes_gcm

Examples

# aes-256 requires 32 byte key
passphrase <- charToRaw("This is super secret")
key <- sha256(passphrase)

# symmetric encryption uses same key for decryption
x <- serialize(iris, NULL)
y <- aes_cbc_encrypt(x, key = key)
x2 <- aes_cbc_decrypt(y, key = key)
stopifnot(identical(x, x2))

[Package openssl version 2.2.0 Index]