Uses the specified block cipher algorithm and mode to encrypt or decrypt data in a file. The key and initialization vector are given as bytes arrays. PKCS-5/7 padding is used, if required.
Public Declare Function CIPHER_File Lib "diCrPKI.dll"
(ByVal fEncrypt As Long, ByVal strFileOut As String, ByVal strFileIn As String,
ByRef abKey As Byte, ByRef abIV As Byte, ByVal strAlgAndMode As String, ByVal nOptions As Long) As Long
nRet = CIPHER_File(fEncrypt, strFileOut, strFileIn, abKey(0),
abIV(0), strAlgAndMode, nOptions)
Boolean direction flag:
set as ENCRYPT (True) to encrypt or DECRYPT (False) to decrypt.String with the full path name of the output file to be created.String with the full path name of the input file to be processed.Byte array containing the key.Byte containing the
initialization vector (IV), or zero (0) for ECB mode.String containing the block cipher algorithm and mode
(see Specifying the algorithm and mode for generic block cipher functions).Long option flags.
long _stdcall CIPHER_File(long fEncrypt, const char *szFileOut, const char *szFileIn, const unsigned char *lpKey, const unsigned char *lpIV, const char *szAlgAndMode, long nOptions);
Long: If successful, the return value is zero;
otherwise it returns a nonzero error code.
Cipher.FileEncrypt Method (String, String, Byte[], Byte[], CipherAlgorithm, Mode)
Cipher.FileDecrypt Method (String, String, Byte[], Byte[], CipherAlgorithm, Mode)
The algorithm and mode must be specified using either the strAlgAndMode or nOptions parameter (see Specifying the algorithm and mode for generic block cipher functions). The length of key abKey must be exactly the required key size, and the length of the IV, if required, exactly the block size. See Valid key and block sizes. The output file strFileOut will be overwritten without warning. If there is an error, the output file will not exist. The input and output files must not be the same. In ECB and CBC modes, a padding string will be added or assumed according to the method outlined in Section 6.3 of [CMS], which is the same as the padding method in [PKCS7] section 10.3 and [PKCS5] section 6.1.1 and [RFC 1423] para 1.1.
Const MY_PATH As String = "C:\Test\" Dim abKey() As Byte Dim abIV() As Byte Dim strFileEnc As String Dim strFileIn As String Dim strFileChk As String Dim nRet As Long ' Construct full path names to files strFileIn = MY_PATH & "hello.txt" strFileEnc = MY_PATH & "hello.aes128.enc.dat" strFileChk = MY_PATH & "hello.aes128.chk.txt" ' Create the key as an array of bytes ' This creates an array of 16 bytes {&HFE, &HDC, ... &H10} abKey = cnvBytesFromHexStr("fedcba9876543210fedcba9876543210") ' Create the IV at random ReDim abIV(PKI_BLK_AES_BYTES - 1) Call RNG_Bytes(abIV(0), PKI_BLK_AES_BYTES, "", 0) ' Display the IV (this needs to be communicated separately to the recipient) Debug.Print "IV=" & cnvHexStrFromBytes(abIV) ' Encrypt plaintext file to ciphertext using AES-128 in counter (CTR) mode ' (This will create a file of exactly the same size as the input) nRet = CIPHER_File(ENCRYPT, strFileEnc, strFileIn, abKey(0), abIV(0), "aes128-ctr", 0) Debug.Print "CIPHER_File(ENCRYPT) returns " & nRet ' Now decrypt it nRet = CIPHER_File(DECRYPT, strFileChk, strFileEnc, abKey(0), abIV(0), "aes128-ctr", 0) Debug.Print "CIPHER_File(DECRYPT) returns " & nRet