VMS Help  —  ENCRYPT Routine, ENCRYPT$ENCRYPT_ONE_RECORD
    Encrypts a small amount of data in an encrypt stream.

                                   NOTE

       To use AES for one record ciphers, you must first create
       an AES key, which is stored in the logical name table
       (encrypted). The key name of an AES key is specified as
       an address of a descriptor that contains the ASCII text for
       the selected AESmmmkkk (mode and key size) algorithm, for
       example, AESCBC256. The input and output buffers (descriptor
       addresses) are also provided.

    Format

      ENCRYPT$ENCRYPT_ONE_RECORD  input, output, key-name, algorithm

1  –  Arguments 

 input

    type:      char_string
    access:    read only
    mechanism: by descriptor
    Plaintext record to be encrypted. The input argument is the
    address of a string descriptor pointing to a byte-aligned buffer
    containing the input record to be encrypted.

 output

    type:      char_string
    access:    write only
    mechanism: by descriptor
    Ciphertext record resulting when the routine completes execution.
    The output argument is the address of a string descriptor
    pointing to a byte-aligned buffer that will contain the
    ciphertext record.

    If the descriptor is dynamic, and insufficient space is allocated
    to contain the output record, storage is allocated from dynamic
    memory. If insufficient space exists to contain the output of the
    operation, an error is returned.

    The ENCRYPT$ENCRYPT_ONE_RECORD routine adjusts the length of the
    output descriptor, if possible, to reflect the actual length of
    the output string.

 key-name

    type:      char_string
    access:    read only
    mechanism: by descriptor
    Key used to initialize the encrypt stream. The key-name argument
    is the address of a string descriptor pointing to the name of the
    previously defined user key to be used.

 algorithm

    type:      char_string
    access:    read only
    mechanism: by descriptor
    Algorithm used for the encryption operation. The algorithm
    argument is the address of a string descriptor pointing to a
    code for the selected algorithm. The algorithm code is an ASCII
    string. For descriptor type value, use one of the following:

    o  DSC$K_DTYPE_T (text)

    o  DSC$K_DTYPE_VT (varying text)

    o  DSC$K_DTYPE_Z (unspecified)

    For DES, the following algorithms are valid:

    o  DESCBC (default)

    o  DESECB

    o  DESCFB

    For AES, the following algorithms are valid:

    o  Cipher block chaining:

          AESCBC128 (default)
          AESCBC192
          AESCBC256

    o  Electronic code book:

          AESECB128
          AESECB192
          AESECB256

    o  Cipher feedback:

          AESCFB128
          AESCFB192
          AESCFB256

    o  Output feedback:

          AESOFB128
          AESOFB192
          AESOFB256
Close Help