Decrypt openssl string with Python crypted by asymetric key paired openssl R

Question

I've used in R

crypted <- cyphr::encrypt_string("secret", key=cyphr::keypair_openssl("~/.ssh/id_rsa_given.pub","~/.ssh/id_rsa"))

and

decrypted <- cyphr::decrypt_string(crypted,cyphr::keypair_openssl("~/.ssh/id_rsa_given.pub","~/.ssh/id_rsa")

This works in R, both : crypt and decrypt.

But I don't find how to read this crypted string in Python.

REPREX

R

bash

ssh-keygen -t rsa -f mykeytest

ls -g -o mykeytest*
# -rw------- 1 2655 Mar  4 10:08 mykeytest
# -rw-r--r-- 1  577 Mar  4 10:08 mykeytest.pub

R without external file

crypted <- cyphr::encrypt_string("mysecret", key=cyphr::keypair_openssl("mykeytest.pub","mykeytest"))
decrypted <- cyphr::decrypt_string(crypted,cyphr::keypair_openssl("mykeytest.pub","mykeytest"))
decrypted
# [1] "mysecret"

R with external file

writeBin(cyphr::encrypt_string("mysecret", key=cyphr::keypair_openssl("mykeytest.pub","mykeytest") ), "mysecret.txt")
mydecrypted2<-cyphr::decrypt_string(readBin("mysecret.txt", base::raw(), file.size("mysecret.txt")), 
              cyphr::keypair_openssl("mykeytest.pub","mykeytest") 
)
mydecrypted2
# [1] "mysecret"

Python

Beginning of my POC Python

import sys
import sshpubkeys
import os

f_pub = open("mykeytest.pub", "r")
f_priv = open("mykeytest", "rb")
f_string_mysecret=  open("mysecret.txt", "rb")

key_pub=f_pub.read()
key_priv=f_priv.read()
input_string=f_string_mysecret.read()


# https://github.com/ojarva/python-sshpubkeys
ssh_pub=sshpubkeys.SSHKey(key_pub)
ssh_pub.parse()
ssh_pub.rsa

#  https://stackoverflow.com/questions/59029092/how-to-load-openssh-private-key-using-cryptography-python-module/69758595#69758595

from cryptography.hazmat.primitives.serialization import load_ssh_private_key
from hashlib import sha1

key_priv_b = load_ssh_private_key(key_priv,b'mypassword')

And after ?

That is the question ?

Have you a pure python answer to decrypt string from cyphr::encrypt_string() and cyphr::keypair_openssl()

Workaround with rpy2

import rpy2.robjects as R
myfct = R.r(r'''
  library(cyphr)
  function(myfile) {
    cyphr::decrypt_string(
      readBin(myfile, base::raw(), file.size(myfile)),
      cyphr::keypair_openssl("mykeytest.pub","mykeytest") )
  }
''')
myfct("mysecret.txt")
# <rpy2.robjects.vectors.StrVector object at 0x7f0512114100> [RTYPES.STRSXP]
# R classes: ('character',)
# ['mysecret']

# in string : 

myfct("mysecret.txt")[0]
# 'mysecret'

An it works for my real issue.

Path of the R source of `cyphr::decrypt_string()`

But is it so special to R ? There is not standard python implementation ?

Path of the R source and C Source if I have well understood

keypair_openssl() : https://github.com/ropensci/cyphr/blob/HEAD/R/openssl.R#L79
openssl__decrypt_envelope_aut() : https://github.com/ropensci/cyphr/blob/master/R/openssl.R#L232
decrypt_envelope() : https://github.com/jeroen/openssl/blob/master/R/envelope.R#L42
R_envelope_decrypt() in C : https://github.com/jeroen/openssl/blob/master/src/envelope.c#L56

Links at the start of my question:

Do you are trying to read the string you encrtpyed in R in python? Or you are just also trying to encrypt/decrypt values in python? It's easier to help you if you include a simple [reproducible example](https://stackoverflow.com/questions/5963269/how-to-make-a-great-r-reproducible-example) with sample input and desired output that can be used to test and verify possible solutions. — MrFlick, Mar 03 '22 at 23:31
I am trying to read the string I encrypted in R in python. In my real case I have the same 2 code lines which are the reprex. — phili_b, Mar 04 '22 at 00:18
When I run the above code I get the error `Public key does not exist at ....id_rsa.pub`. So it's not reproducible if it can't be run. It would be best to include a sample key for testing, or at least the commands to create one the same way you have. And then share a sample string with a known value encrypted with those keys that we can use for testing to know if it's working. — MrFlick, Mar 04 '22 at 03:20
` ....id_rsa.pub` it's only my home path not pasted here. I edit. — phili_b, Mar 04 '22 at 07:02
"at least the commands to create one the same way you have". Exactly. I can add this, I thought it was obvious when you read the R Cypher command but I don't know encryption domain, there is finally many means to create keys. — phili_b, Mar 04 '22 at 07:14
@MrFlick You are not supposed to share SSH keys. However, it takes two seconds to type `ssh-keygen`... — , Mar 04 '22 at 07:58
Is it a requirement that you use `cyphr`? There seems to be a lot of R specific stuff in that library. It seems to actually automatically encrypt R serialized objects, not simple strings. — MrFlick, Mar 05 '22 at 01:30
My question is on Python part, not R part :) , I don't to want rewrite the R part. Mostly if cyphr encrypts serialized objects, not only strings. — phili_b, Mar 05 '22 at 15:50
Well it doesn’t look like it’s going to be easy to read those in python because python cannot parse R serialized objects as far as I know. — MrFlick, Mar 06 '22 at 06:50
But in the question there is `cyphr::encrypt_string()`. Therefore my current question is to decrypt **string** in Python crypted by `cyphr::crypt_string()`. Only currently string, but crypted by `cyphr`. — phili_b, Mar 06 '22 at 10:25
There is R wrapper for Python, rpy2, I hope there is pure Python answer. https://medium.com/analytics-vidhya/calling-r-from-python-magic-of-rpy2-d8cbbf991571 — phili_b, Mar 06 '22 at 10:28
My hidden question was to not have some values of config file readable. But it could be an other question, not this one. — phili_b, Mar 06 '22 at 10:32
addded: Workaround with rpy2 + Path of the R source of `cyphr::decrypt_string()` — phili_b, Mar 08 '22 at 17:19