CCCryptorMBS.Constructor(operation as Integer, Algorithm as Integer, options as Integer, key as Ptr, keyLength as UInt64, iv as Ptr = nil)

operation: Defines the basic operation: kCCEncrypt or kCCDecrypt.
Algorithm: Defines the algorithm.
options: A word of flags defining options.
key: Raw key material, length keyLength bytes.

keyLength: Length of key material. Must be appropriate for

the selected operation and algorithm. Some algorithms provide for varying key lengths.

iv: Initialization vector, optional. Used by block ciphers when Cipher Block Chaining (CBC) mode is enabled. If present, must be the same length as the selected algorithm's block size. If CBC mode is selected (by the absence of the kCCOptionECBMode bit in the options flags) and no IV is present, a NULL (all zeroes) IV will be used. This parameter is ignored if ECB mode is used or if a stream cipher algorithm is selected.

Possible error is lasterror are kCCParamError and kCCMemoryFailure.

See also:

• Constructor(operation as Integer, Algorithm as Integer, options as Integer, key as String, iv as Ptr = nil)

CCCryptorMBS.Constructor(operation as Integer, Algorithm as Integer, options as Integer, key as String, iv as Ptr = nil)

// key length must be 16 bytes for AES128
dim key as string = "1234567890123456"

dim h as new CCCryptorMBS(CCCryptorMBS.kCCEncrypt, CCCryptorMBS.kCCAlgorithmAES128, 0, key)

if h.Lasterror<>0 then
  MsgBox "error: "+str(h.Lasterror)
else
  MsgBox "OK"
end if

operation: Defines the basic operation: kCCEncrypt or kCCDecrypt.
Algorithm: Defines the algorithm.
options: A word of flags defining options.
key: Raw key material, length keyLength bytes.

keyLength: Length of key material. Must be appropriate for

the selected operation and algorithm. Some algorithms provide for varying key lengths.

iv: Initialization vector, optional. Used by block ciphers when Cipher Block Chaining (CBC) mode is enabled. If present, must be the same length as the selected algorithm's block size. If CBC mode is selected (by the absence of the kCCOptionECBMode bit in the options flags) and no IV is present, a NULL (all zeroes) IV will be used. This parameter is ignored if ECB mode is used or if a stream cipher algorithm is selected.

Possible error is lasterror are kCCParamError and kCCMemoryFailure.

See also:

• Constructor(operation as Integer, Algorithm as Integer, options as Integer, key as Ptr, keyLength as UInt64, iv as Ptr = nil)

CCCryptorMBS.Final(DataOut as Ptr, dataOutAvailable as UInt64, byref dataOutMoved as UInt64)

dataOut: Result is written here. Allocated by caller. Pass a memoryblock of right size.
dataOutAvailable: The size of the dataOut buffer in bytes.
dataOutMoved: On successful return, the number of bytes written to dataOut.

Lasterror is set to:
kCCBufferTooSmall indicates insufficent space in the dataOut buffer. The caller can use GetOutputLength() to determine the required output buffer size in this case. The operation can be retried; no state is lost when this is returned.

kCCAlignmentError When decrypting, or when encrypting with a block cipher with padding disabled, kCCAlignmentError will be returned if the total number of bytes provided to Update() is not an integral multiple of

the current algorithm's block size.

kCCDecodeError Indicates garbled ciphertext or the wrong key during decryption. This can only be returned while decrypting with padding enabled.

Except when kCCBufferTooSmall is returned, the CCCryptorMBS can no longer be used for subsequent operations unless Reset() is called on it.
It is not necessary to call Final() when performing symmetric encryption or decryption if padding is disabled, or when using a stream cipher.

CCCryptorMBS.GetOutputLength(inputLength as UInt64, Final as Boolean = true) as UInt64

dim h as new CCCryptorMBS(CCCryptorMBS.kCCEncrypt, CCCryptorMBS.kCCAlgorithmAES128, 0, "Hello12312345678")

MsgBox str(h.GetOutputLength(1000))

inputLength: The length of data which will be provided to Update().

Final: If false, the returned value will indicate the output buffer space needed when 'inputLength' bytes are provided to

CCCryptorMBS.Update(). When 'final' is true, the returned value will indicate the total combined buffer space needed when 'inputLength' bytes are provided to CCCryptorMBS.Update() and then CCCryptorMBS.Final() is called.

Returns the maximum buffer space need to perform CCCryptorMBS.Update() and optionally CCCryptorMBS.Final().

Some general rules apply that allow clients of this module to know a priori how much output buffer space will be required in a given situation. For stream ciphers, the output size is always equal to the input size, and CCCryptorMBS.Final() never produces any data. For block ciphers, the output size will always be less than or equal to the input size plus the size of one block. For block ciphers, if the input size provided to each call to CCCryptorMBS.Update() is is an integral multiple of the block size, then the output size for each call to CCCryptorMBS.Update() is less than or equal to the input size for that call to CCCryptorMBS.Update(). CCCryptorMBS.Final() only produces output when using a block cipher with padding enabled.

CCCryptorMBS.Reset(iv as Ptr = nil)

The key is unchanged. Not implemented for stream ciphers.

iv: Optional initialization vector; if present, must be the same size as the current algorithm's block size.

The the only possible errors are kCCParamError and kCCUnimplemented.
This can be called on a CCCryptorMBS with data pending (i.e. in a padded mode operation before Final is called); however any pending data will be lost in that case.

CCCryptorMBS.Update(dataIn as Ptr, dataInLength as UInt64, dataOut as Ptr, dataOutAvailable as UInt64, byref dataOutMoved as UInt64)

The result, if any, is written to a caller-provided buffer.

Parameters:

dataIn	Data to process, length dataInLength bytes.
dataInLength	Length of data to process.
dataOut	Result is written here. Allocated by caller. Encryption and decryption can be performed "in-place", with the same buffer used for input and output.

dataOutAvailable The size of the dataOut buffer in bytes.

dataOutMoved

On successful return, the number of bytes written to dataOut.

Possible error codes:
kCCBufferTooSmall indicates insufficent space in the dataOut buffer. The caller can use CCCryptorMBS.GetOutputLength() to determine the required output buffer size in this case. The operation can be retried; no state is lost when this is returned.

This routine can be called multiple times. The caller does not need to align input data lengths to block sizes; input is bufferred as necessary for block ciphers. When performing symmetric encryption with block ciphers, and padding is enabled via kCCOptionPKCS7Padding, the total number of bytes provided by all the calls to this function when encrypting can be arbitrary (i.e., the total number of bytes does not have to be block aligned). However if padding is disabled, or when decrypting, the total number of bytes does have to be aligned to the block size; otherwise CCCryptMBS.Final() will return kCCAlignmentError. A general rule for the size of the output buffer which must be provided by the caller is that for block ciphers, the output length is never larger than the input length plus the block size. For stream ciphers, the output length is always exactly the same as the input length. See the discussion for CCCryptorMBS.GetOutputLength() for more information on this topic. Generally, when all data has been processed, call CCCryptorMBS.Final(). In the following cases, the CCCryptorMBS.Final() is superfluous as it will not yield any data nor return an error:
1. Encrypting or decrypting with a block cipher with padding disabled, when the total amount of data provided to CCCryptorMBS.Update() is an integral multiple of the block size.
2. Encrypting or decrypting with a stream cipher.

See also:

• Update(dataIn as String, dataOut as Ptr, dataOutAvailable as UInt64, byref dataOutMoved as UInt64)

CCCryptorMBS.Update(dataIn as String, dataOut as Ptr, dataOutAvailable as UInt64, byref dataOutMoved as UInt64)

The result, if any, is written to a caller-provided buffer.

Parameters:

dataIn	Data to process, length dataInLength bytes.
dataInLength	Length of data to process.
dataOut	Result is written here. Allocated by caller. Encryption and decryption can be performed "in-place", with the same buffer used for input and output.

dataOutAvailable The size of the dataOut buffer in bytes.

dataOutMoved

On successful return, the number of bytes written to dataOut.

Possible error codes:
kCCBufferTooSmall indicates insufficent space in the dataOut buffer. The caller can use CCCryptorMBS.GetOutputLength() to determine the required output buffer size in this case. The operation can be retried; no state is lost when this is returned.

This routine can be called multiple times. The caller does not need to align input data lengths to block sizes; input is bufferred as necessary for block ciphers. When performing symmetric encryption with block ciphers, and padding is enabled via kCCOptionPKCS7Padding, the total number of bytes provided by all the calls to this function when encrypting can be arbitrary (i.e., the total number of bytes does not have to be block aligned). However if padding is disabled, or when decrypting, the total number of bytes does have to be aligned to the block size; otherwise CCCryptMBS.Final() will return kCCAlignmentError. A general rule for the size of the output buffer which must be provided by the caller is that for block ciphers, the output length is never larger than the input length plus the block size. For stream ciphers, the output length is always exactly the same as the input length. See the discussion for CCCryptorMBS.GetOutputLength() for more information on this topic. Generally, when all data has been processed, call CCCryptorMBS.Final(). In the following cases, the CCCryptorMBS.Final() is superfluous as it will not yield any data nor return an error:
1. Encrypting or decrypting with a block cipher with padding disabled, when the total amount of data provided to CCCryptorMBS.Update() is an integral multiple of the block size.
2. Encrypting or decrypting with a stream cipher.

See also:

• Update(dataIn as Ptr, dataInLength as UInt64, dataOut as Ptr, dataOutAvailable as UInt64, byref dataOutMoved as UInt64)