Convenient tools for exchanging files securely from within R. By encrypting the content safe passage of files (shipment) can be provided by common but insecure carriers such as ftp and email. Based on asymmetric cryptography no management of shared secrets is needed to make a secure shipment as long as authentic public keys are available. Public keys used for secure shipments may also be obtained from external providers as part of the overall process. Transportation of files will require that relevant services such as ftp and email servers are available. An overview of sship can be found in the article An overview of sship.
Install sship from CRAN:
install.packages("sship")
You can install the latest release from GitHub with:
::install_github("Rapporteket/sship@*release") remotes
In case you want the latest development version of sship use:
remotes::install_github("Rapporteket/sship")
The main purpose of sship is to enable sending a file securely to a recipient. This is done by first encrypting the file, wrap it up together with necessary documents before sending it off. Means of transportation may vary but could for instance be by plain file transfer or as an e-mail attachment. As a convenience to the recipient sship also contains tools for unwrapping and decryption.
A shipment is secured by applying the recipient’s public key. When content, recipient, provider of the recipient’s public key, method of transportation (vessel) and optionally an accompanying shipment declaration are all known the sship function can be applied to encrypt, wrap up and dispatch a shipment, all in one go:
sship(content, recipient, pubkey_holder, vessel, declaration)
For the time being, the only valid provider of public keys is GitHub and the recipient must have a corresponding user account that contains a valid RSA public key. Further, the value of recipient will also be used to get local configuration that may be needed for the shipment to be made. Please refer to the the article Make a secure shipment and the sship function documentation for further details.
Unwrapping and decryption can be made using the function
dec()
in this package by providing the path to the received
tar-file and the recipient’s private key. It is also possible to specify
where the content is to be stored after it is unwrapped and decrypted
(if not specified, content will be stored in the working directory):
dec(tarfile, keyfile, target_dir)
For further details including a description of how the content of a secure shipment can be extracted without R please see the article Extract cargo from a secure shipment.