openssl (version 1.1)

aes_cbc: Symmetric AES encryption

Description

Low-level symmetric encryption/decryption using the AES block cipher in CBC mode. The key is a raw vector, for example a hash of some secret. When no shared secret is available, a random key can be used which is exchanged via an asymmetric protocol such as RSA. See rsa_encrypt for a worked example or encrypt_envelope for a high-level wrapper combining AES and RSA.

Usage

aes_ctr_encrypt(data, key, iv = rand_bytes(16))

aes_ctr_decrypt(data, key, iv = attr(data, "iv"))

aes_cbc_encrypt(data, key, iv = rand_bytes(16))

aes_cbc_decrypt(data, key, iv = attr(data, "iv"))

aes_gcm_encrypt(data, key, iv = rand_bytes(12))

aes_gcm_decrypt(data, key, iv = attr(data, "iv"))

aes_keygen(length = 16)

Arguments

data

raw vector or path to file with data to encrypt or decrypt

key

raw vector of length 16, 24 or 32, e.g. the hash of a shared secret

iv

raw vector of length 16 (aes block size) or NULL. The initialization vector is not secret but should be random

length

how many bytes to generate. Usually 16 (128-bit) or 12 (92-bit) for aes_gcm

Examples

Run this code
# NOT RUN {
# aes-256 requires 32 byte key
passphrase <- charToRaw("This is super secret")
key <- sha256(passphrase)

# symmetric encryption uses same key for decryption
x <- serialize(iris, NULL)
y <- aes_cbc_encrypt(x, key = key)
x2 <- aes_cbc_decrypt(y, key = key)
stopifnot(identical(x, x2))
# }

Run the code above in your browser using DataCamp Workspace