Learn R Programming
aws.kms (version 0.1.4)

encrypt: Perform encryption/decryption

Description

Encrypt plain text into ciphertext, or the reverse

Usage

encrypt(text, key, encode = TRUE, ...)
decrypt(text, key, encode = TRUE, ...)
reencrypt(text, key, encode = TRUE, ...)

Arguments

text

For encrypt, a character string specifying up to 4 kilobytes of data to be encrypted using the specified key. For decrypt, ciphertext of maximum 6144 bytes.

key

A character string specifying a key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with “alias/”.

encode

A logical specifying whether to base 64 encode text.

Additional arguments passed to kmsHTTP.

Value

encrypt returns a base64-encoded binary object as a character string.

Details

encrypt encrypts source text using a KMS key. decrypt reverses this process using the same key. reencrypt reencrypts an (encrypted) ciphertext using a new key. The purpose of these functions, according to AWS, to is encrypt and decrypt data keys (of the source created with generate_data_key) rather than general purpose encryption given the relatively low upper limit on the size of text.

See Also

create_kms_key, generate_data_key, generate_blob

Examples

Run this code
# NOT RUN {
  # create a key
  k <- create_kms_key()
  
  # encrypt
  tmp <- tempfile()
  cat("example test", file = tmp)
  (etext <- encrypt(tmp, k))
  
  # decrypt
  (dtext <- decrypt(etext, k, encode = FALSE))
  if (require("base64enc")) {
    rawToChar(base64enc::base64decode(dtext))
  }
  
  # cleanup
  delete_kms_key(k)
# }

Run the code above in your browser using DataLab