context
type: longword integer signed
access: write only
mechanism: by reference
Context area that is initialized. The context argument is the
address of a longword of unspecified interpretation that is used
to convey context between encryption operations. An uninitialized
context longword is defined to be zero and is initialized to
nonzero by this routine. The context area itself is allocated
from process dynamic memory.
algorithm
type: char_string
access: read/write
mechanism: by descriptor
Algorithm used for the encryption operation. The algorithm
argument is the address of a string descriptor pointing to a
code for the selected algorithm. The algorithm code is an ASCII
string. For descriptor type value, use one of the following:
DSC$K_DTYPE_T (text)
DSC$K_DTYPE_VT (varying text)
DSC$K_DTYPE_Z (unspecified)
For DES, the following algorithms are valid:
o DESCBC (default)
o DESECB
o DESCFB
For AES, the following algorithms are valid:
o Cipher block chaining:
AESCBC128 (default)
AESCBC192
AESCBC256
o Electronic code book:
AESECB128
AESECB192
AESECB256
o Cipher feedback:
AESCFB128
AESCFB192
AESCFB256
o Output feedback:
AESOFB128
AESOFB192
AESOFB256
key-type
type: longword logical unsigned
access: read only
mechanism: by reference
Code specifying how ENCRYPT$INIT is to interpret the key-name
argument. The key-type argument is the address of an unsigned
longword indicating whether key-name is the name of the key or
the key value. If you specify:
Key-type as 0 ENCRYPT$INIT interprets key-name as a descriptor
pointing to the key name string.
Key-type as 1 ENCRYPT$INIT interprets key-name as the
descriptor for the value of the key to be used.
key-name
type: char_string
access: read only
mechanism: by descriptor
Key that ENCRYPT$INIT passes to the selected encryption routine.
The key-name argument is the address of a character string
descriptor containing the name of the key or the address of the
actual key value. ENCRYPT$INIT interprets this argument based on
the value of key-type. If this argument is:
The key name Actual key value is retrieved from key storage
by the selected encryption routine.
A key value It is stored with a temporary name, which is
passed to the selected encryption routine.
If the key-name argument is used to specify a key value (that
is, if key-type has been specified as 1), the key-name string
descriptor type field determines whether the key value is to be
treated as a char_string or as a binary value to be used exactly
as specified.
If the descriptor type is DSC$K_DTYPE_T (char_string), DSC$K_
DTYPE_VT (varying char_string), or DSC$K_DTYPE_Z (unspecified),
the value is treated as a text string to be compressed for DES
key values. ASCII compression converts lowercase characters to
uppercase, only A-Z, 0-9, $, . (period), and _ (underscore) are
allowed. Other characters are converted to spaces, and the extra
spaces are removed. AES ASCII key values are not subject to ASCII
compression, allowing any 8-bit ASCII character.
All other descriptor types are treated as though the key value is
to be used exactly as specified.
NOTE
The key name descriptors of type DSC$K_DTYPE_T, DSC$K_DTYPE_
VT, and DSC$K_DTYPE_Z all specify that the key value should
be compressed. For OpenVMS V8.3, this functionality applies
only to DES, not AES. AES keys are not compressed.
p1
type: quadword[1] (DES), quadword[2] (AES)
access: read only
mechanism: by reference
Optional argument. The p1 argument is the address of a quadword
initialization vector used to seed the three modes of the DES
algorithm that uses an initialization vector. These modes
are: DESCBC (default), DESCFB, and DESMAC. That is, the DES IV
initialization vector is a quadword reference, to an eight byte
value.
For AES, the optional P1 argument for the AES IV initialization
vector is a reference to a 16 byte (two quadwords) value.
If you omit this argument, the initialization vector used is
the residue of the previous use of the specified context block.
ENCRYPT$INIT initializes the context block with an initialization
vector of zero.