VMS Help  —  ENCRYPT Routine, ENCRYPT$INIT
    Initializes the context for the encryption operation.

    Format

      ENCRYPT$INIT  context, algorithm, key-type, key-name [,p1]

1  –  Arguments

 context

    type:      longword integer signed
    access:    write only
    mechanism: by reference
    Context area that is initialized. The context argument is the
    address of a longword of unspecified interpretation that is used
    to convey context between encryption operations. An uninitialized
    context longword is defined to be zero and is initialized to
    nonzero by this routine. The context area itself is allocated
    from process dynamic memory.

 algorithm

    type:      char_string
    access:    read/write
    mechanism: by descriptor
    Algorithm used for the encryption operation. The algorithm
    argument is the address of a string descriptor pointing to a
    code for the selected algorithm. The algorithm code is an ASCII
    string. For descriptor type value, use one of the following:

       DSC$K_DTYPE_T (text)
       DSC$K_DTYPE_VT (varying text)
       DSC$K_DTYPE_Z (unspecified)

    For DES, the following algorithms are valid:

    o  DESCBC (default)

    o  DESECB

    o  DESCFB

    For AES, the following algorithms are valid:

    o  Cipher block chaining:

          AESCBC128 (default)
          AESCBC192
          AESCBC256

    o  Electronic code book:

          AESECB128
          AESECB192
          AESECB256

    o  Cipher feedback:

          AESCFB128
          AESCFB192
          AESCFB256

    o  Output feedback:

          AESOFB128
          AESOFB192
          AESOFB256

 key-type

    type:      longword logical unsigned
    access:    read only
    mechanism: by reference
    Code specifying how ENCRYPT$INIT is to interpret the key-name
    argument. The key-type argument is the address of an unsigned
    longword indicating whether key-name is the name of the key or
    the key value. If you specify:

    Key-type as 0    ENCRYPT$INIT interprets key-name as a descriptor
                     pointing to the key name string.
    Key-type as 1    ENCRYPT$INIT interprets key-name as the
                     descriptor for the value of the key to be used.

 key-name

    type:      char_string
    access:    read only
    mechanism: by descriptor
    Key that ENCRYPT$INIT passes to the selected encryption routine.
    The key-name argument is the address of a character string
    descriptor containing the name of the key or the address of the
    actual key value. ENCRYPT$INIT interprets this argument based on
    the value of key-type. If this argument is:

    The key name     Actual key value is retrieved from key storage
                     by the selected encryption routine.
    A key value      It is stored with a temporary name, which is
                     passed to the selected encryption routine.

    If the key-name argument is used to specify a key value (that
    is, if key-type has been specified as 1), the key-name string
    descriptor type field determines whether the key value is to be
    treated as a char_string or as a binary value to be used exactly
    as specified.

    If the descriptor type is DSC$K_DTYPE_T (char_string), DSC$K_
    DTYPE_VT (varying char_string), or DSC$K_DTYPE_Z (unspecified),
    the value is treated as a text string to be compressed for DES
    key values. ASCII compression converts lowercase characters to
    uppercase, only A-Z, 0-9, $, . (period), and _ (underscore) are
    allowed. Other characters are converted to spaces, and the extra
    spaces are removed. AES ASCII key values are not subject to ASCII
    compression, allowing any 8-bit ASCII character.

    All other descriptor types are treated as though the key value is
    to be used exactly as specified.

                                   NOTE

       The key name descriptors of type DSC$K_DTYPE_T, DSC$K_DTYPE_
       VT, and DSC$K_DTYPE_Z all specify that the key value should
       be compressed. For OpenVMS V8.3, this functionality applies
       only to DES, not AES. AES keys are not compressed.

 p1

    type:      quadword[1] (DES), quadword[2] (AES)
    access:    read only
    mechanism: by reference
    Optional argument. The p1 argument is the address of a quadword
    initialization vector used to seed the three modes of the DES
    algorithm that uses an initialization vector. These modes
    are: DESCBC (default), DESCFB, and DESMAC. That is, the DES IV
    initialization vector is a quadword reference, to an eight byte
    value.

    For AES, the optional P1 argument for the AES IV initialization
    vector is a reference to a 16 byte (two quadwords) value.

    If you omit this argument, the initialization vector used is
    the residue of the previous use of the specified context block.
    ENCRYPT$INIT initializes the context block with an initialization
    vector of zero.
Close Help