Copyright Digital Equipment Corp. All rights reserved.

Arguments

 

input-file

   type:      char_string
   access:    read only
   mechanism: by descriptor
   Name of the input file that ENCRYPT$ENCRYPT_FILE is to process.
   The input-file argument is the address of a string descriptor
   pointing to the file specification string for the input file.

   Wildcard characters are valid. To specify multiple input files,
   you must use wildcard characters.
 

output-file

   type:      char_string
   access:    read only
   mechanism: by descriptor
   Name of the output file that ENCRYPT$ENCRYPT_FILE is to generate.
   The output-file argument is the address of a string descriptor
   pointing to the file specification for the output file to be
   processed.

   You can use wildcard characters. To specify the same names for
   the output and input files, use a null character as the output-
   file argument.
 

key-name

   type:      char_string
   access:    read only
   mechanism: by descriptor
   Name of the key used when ENCRYPT$ENCRYPT_FILE processes files.
   The key-name argument is the address of a string descriptor
   pointing to the name of the key to be used in initializing the
   encrypt or decrypt stream used for each file processed.
 

algorithm

   type:      char_string
   access:    read only
   mechanism: by descriptor
   Name of the algorithm that ENCRYPT$ENCRYPT_FILE uses to
   initialize the process stream. The algorithm argument is the
   address of a string descriptor pointing to the name of the
   algorithm.

   For DES, the following algorithms are valid:

   o  DESCBC (default)

   o  DESECB

   o  DESCFB

   For AES, the following algorithms are valid:

   o  Cipher block chaining:

         AESCBC128 (default)
         AESCBC192
         AESCBC256

   o  Electronic code book:

         AESECB128
         AESECB192
         AESECB256

   o  Cipher feedback:

         AESCFB128
         AESCFB192
         AESCFB256

   o  Output feedback:

         AESOFB128
         AESOFB192
         AESOFB256
 

file-flags

   type:      longword
   access:    read only
   mechanism: by reference
   Flags that specify how ENCRYPT$ENCRYPT_FILE performs the file
   operation. The file-flags argument is the address of a longword
   containing a mask of flags. ENCRYPT$ENCRYPT_FILE Flags shows the
   function of each flag.

   Table 9-2 ENCRYPT$ENCRYPT_FILE Flags

   Flag                   Function

   ENCRYPT$M_FILE_        Compresses file data before encryption.
   COMPRESS
   ENCRYPT$M_FILE_        Flag set: encrypts the file.
   ENCRYPT
                          Flag clear: decrypts the file.
   ENCRYPT$M_FILE_DELETE  Deletes the input file when the operation
                          completes.
   ENCRYPT$M_FILE_ERASE   Erases the file with the security data
                          pattern before deleting it.
   ENCRYPT$M_FILE_KEY_    Flag set: Treats the key value as a
   VALUE                  literal value and does not compress it.

                          Flag clear: Treats the key value as a
                          text string that can be compressed.

                          If the KEY_NAME parameter is present,
                          this flag is ignored.
   ENCRYPT$M_FILE_AES     Flag set: indicates encrypting a file with
                          an AES key and algorithm

   There is an additional FILE_AES flag mask (and value) that is
   used with the ENCRYPT$ENCRYPT_FILE routine when encrypting
   files using an AES algorithm. The ENCRYPT$ENCRYPT_FILE_FLAGS
   are used to control file operations such as cipher direction,
   file compression and so on. The FILE_AES flag controls file AES
   initialization and cipher operation.
 

item-list

   type:      item_list_3
   access:    read only
   mechanism: by descriptor
   The optional item-list argument is used to override the data
   algorithm parameter. This argument substitutes one algorithm for
   another that is similar in function but that may be different
   in its name. In other words, it overrides the name of the
   algorithm that is found in the random key record with the name
   of the algorithm you provided in the override descriptor. This
   process provides a way to open files that were encrypted with an
   algorithm name that may be different than the algorithm name in
   the decrypt environment.
 

ENCRYPT$K_DATA_ALGORITHM

   type:      3 longwords
   access:    read only
   mechanism: by descriptor
   Algorithm to be used to encrypt the file. This argument specifies
   the address and length of the name string of the algorithm.

   The following algorithms are valid:

   o  DESCBC (default)

   o  DESECB

   o  DESCFB

   For AES, the following algorithms are valid:

   o  Cipher block chaining:

         AESCBC128 (default)
         AESCBC192
         AESCBC256

   o  Electronic code book:

         AESECB128
         AESECB192
         AESECB256

   o  Cipher feedback:

         AESCFB128
         AESCFB192
         AESCFB256

   o  Output feedback:

         AESOFB128
         AESOFB192
         AESOFB256