What is the algorithm used?
calendarbase opened this issue · 5 comments
Hi, great package, but what is the crypto algorithm used and how do you select one specific algorithm to use. I am planning to first encrypt a json object in Nodejs and then decrypt it in R. But then I need to know which algorithm I use AES, DES, Bcrypt etc.. Or is it curve25519?
I am trying to encrypt in nodejs and then decrypt it in R with symetric encryption.
safer
uses sodium
, for low level bindings of libsodium. From what I can gather from lisodium's documentation, both symmetric and asymmetric key encryption use XSalsa20 stream cipher (see algorithm details). Asymmetric case use other algorithms for authentication and key-exchange.
safer's decrypt_*
functions are specifically meant to be used to decrypt things encrypted by encrypt_*
. One needs to carefully look at whether R's charToRaw
and rawToChar
are working consistently with the encoding standards when reading the encrypted json object.
Sodium's bindings for nodejs. Hope this helps.
I checked node-sodium but symmetric encryption is missing. Then I looked at sodium-native and it is a bit to low levell when you just starting with crypto and I can't find symmetric encryption. But I think it´s crypto_stream(cipher, nonce, key) that is the symmetric version.
For example which low level function will match your encrypt_string(string, key)?
JSNacl looks promising https://github.com/tonyg/js-nacl. I have found this symmetric function, but they use nonce:
k = ...;
m = nacl.encode_utf8("message");
n = nacl.crypto_stream_random_nonce();
c = nacl.crypto_stream_xor(m, n, k);
m1 = nacl.crypto_stream_xor(c, n, k);
"message" === nacl.decode_utf8(m1); // always true
I am a little bit suspicious that xor will use another algorithm than XSalsa20.
How do I add a nonce in your solution? Maybe it´s not important if nonce is added behind the sceen.
So far I have managed to do a simple hashing of a string in nodejs. Then I hash it in R and compare it.
For the nounce part:
This nounce is used all though by safer
.
d9, 29, f8, de, 09, 1e, 48, f9, a1, 98, 5f, a7, 07, 86, 84, 31, d0, 63, 95, 2e, c5, 08, 6f, bc
( essentially the hash of the string 'nounce' )
Do encrypt using this nounce and then try decryping using safer::decrypt_string
About the function matching encrypt_string
: safer::encrypt_string
calls sodium::data_encrypt
which in turn seems to call crypto_secretbox_easy
.
Hope this helps.
Ok I managed to encrypt in nodejs and then decrypt it in R. But I did not managed to use safer because I could not convert the nodejs hex strings to R strings (whatever this is). Instead I managed to convert the hex strings to raw vectors and then use R sodium.
Thanks for the support anyhow!
Use functions rawToChar
and charToRaw
to convert between raw and character vectors in R. For your problem, it might be better suited to 'sodium' package directly than using 'safer'.