What is the algorithm used? about safer HOT 5 CLOSED

safer uses sodium, for low level bindings of libsodium. From what I can gather from lisodium's documentation, both symmetric and asymmetric key encryption use XSalsa20 stream cipher (see algorithm details). Asymmetric case use other algorithms for authentication and key-exchange.

safer's decrypt_* functions are specifically meant to be used to decrypt things encrypted by encrypt_*. One needs to carefully look at whether R's charToRaw and rawToChar are working consistently with the encoding standards when reading the encrypted json object.

Sodium's bindings for nodejs. Hope this helps.

from safer.

I checked node-sodium but symmetric encryption is missing. Then I looked at sodium-native and it is a bit to low levell when you just starting with crypto and I can't find symmetric encryption. But I think it´s crypto_stream(cipher, nonce, key) that is the symmetric version.

For example which low level function will match your encrypt_string(string, key)?

JSNacl looks promising https://github.com/tonyg/js-nacl. I have found this symmetric function, but they use nonce:

k = ...;
m = nacl.encode_utf8("message");
n = nacl.crypto_stream_random_nonce();
c = nacl.crypto_stream_xor(m, n, k);
m1 = nacl.crypto_stream_xor(c, n, k);
"message" === nacl.decode_utf8(m1); // always true

I am a little bit suspicious that xor will use another algorithm than XSalsa20.

How do I add a nonce in your solution? Maybe it´s not important if nonce is added behind the sceen.

So far I have managed to do a simple hashing of a string in nodejs. Then I hash it in R and compare it.

from safer.

For the nounce part:

This nounce is used all though by safer.

d9, 29, f8, de, 09, 1e, 48, f9, a1, 98, 5f, a7, 07, 86, 84, 31, d0, 63, 95, 2e, c5, 08, 6f, bc

( essentially the hash of the string 'nounce' )
Do encrypt using this nounce and then try decryping using safer::decrypt_string

About the function matching encrypt_string: safer::encrypt_string calls sodium::data_encrypt which in turn seems to call crypto_secretbox_easy.

Hope this helps.

from safer.

Ok I managed to encrypt in nodejs and then decrypt it in R. But I did not managed to use safer because I could not convert the nodejs hex strings to R strings (whatever this is). Instead I managed to convert the hex strings to raw vectors and then use R sodium.

Thanks for the support anyhow!

from safer.

Use functions rawToChar and charToRaw to convert between raw and character vectors in R. For your problem, it might be better suited to 'sodium' package directly than using 'safer'.

from safer.