Encrypts or decrypts data files. Format ENCRYPT$ENCRYPT_FILE input-file, output-file, key-name, algorithm, file-flags [,item-list]
1 – Arguments
input-file type: char_string access: read only mechanism: by descriptor Name of the input file that ENCRYPT$ENCRYPT_FILE is to process. The input-file argument is the address of a string descriptor pointing to the file specification string for the input file. Wildcard characters are valid. To specify multiple input files, you must use wildcard characters. output-file type: char_string access: read only mechanism: by descriptor Name of the output file that ENCRYPT$ENCRYPT_FILE is to generate. The output-file argument is the address of a string descriptor pointing to the file specification for the output file to be processed. You can use wildcard characters. To specify the same names for the output and input files, use a null character as the output- file argument. key-name type: char_string access: read only mechanism: by descriptor Name of the key used when ENCRYPT$ENCRYPT_FILE processes files. The key-name argument is the address of a string descriptor pointing to the name of the key to be used in initializing the encrypt or decrypt stream used for each file processed. algorithm type: char_string access: read only mechanism: by descriptor Name of the algorithm that ENCRYPT$ENCRYPT_FILE uses to initialize the process stream. The algorithm argument is the address of a string descriptor pointing to the name of the algorithm. For DES, the following algorithms are valid: o DESCBC (default) o DESECB o DESCFB For AES, the following algorithms are valid: o Cipher block chaining: AESCBC128 (default) AESCBC192 AESCBC256 o Electronic code book: AESECB128 AESECB192 AESECB256 o Cipher feedback: AESCFB128 AESCFB192 AESCFB256 o Output feedback: AESOFB128 AESOFB192 AESOFB256 file-flags type: longword access: read only mechanism: by reference Flags that specify how ENCRYPT$ENCRYPT_FILE performs the file operation. The file-flags argument is the address of a longword containing a mask of flags. ENCRYPT$ENCRYPT_FILE Flags shows the function of each flag. Table 9-2 ENCRYPT$ENCRYPT_FILE Flags Flag Function ENCRYPT$M_FILE_ Compresses file data before encryption. COMPRESS ENCRYPT$M_FILE_ Flag set: encrypts the file. ENCRYPT Flag clear: decrypts the file. ENCRYPT$M_FILE_DELETE Deletes the input file when the operation completes. ENCRYPT$M_FILE_ERASE Erases the file with the security data pattern before deleting it. ENCRYPT$M_FILE_KEY_ Flag set: Treats the key value as a VALUE literal value and does not compress it. Flag clear: Treats the key value as a text string that can be compressed. If the KEY_NAME parameter is present, this flag is ignored. ENCRYPT$M_FILE_AES Flag set: indicates encrypting a file with an AES key and algorithm There is an additional FILE_AES flag mask (and value) that is used with the ENCRYPT$ENCRYPT_FILE routine when encrypting files using an AES algorithm. The ENCRYPT$ENCRYPT_FILE_FLAGS are used to control file operations such as cipher direction, file compression and so on. The FILE_AES flag controls file AES initialization and cipher operation. item-list type: item_list_3 access: read only mechanism: by descriptor The optional item-list argument is used to override the data algorithm parameter. This argument substitutes one algorithm for another that is similar in function but that may be different in its name. In other words, it overrides the name of the algorithm that is found in the random key record with the name of the algorithm you provided in the override descriptor. This process provides a way to open files that were encrypted with an algorithm name that may be different than the algorithm name in the decrypt environment. ENCRYPT$K_DATA_ALGORITHM type: 3 longwords access: read only mechanism: by descriptor Algorithm to be used to encrypt the file. This argument specifies the address and length of the name string of the algorithm. The following algorithms are valid: o DESCBC (default) o DESECB o DESCFB For AES, the following algorithms are valid: o Cipher block chaining: AESCBC128 (default) AESCBC192 AESCBC256 o Electronic code book: AESECB128 AESECB192 AESECB256 o Cipher feedback: AESCFB128 AESCFB192 AESCFB256 o Output feedback: AESOFB128 AESOFB192 AESOFB256