The SPGP DLL is written in ObjectPascal using Borland's Delphi (version 2.01). Because of the different ways Delphi and Visual Basic treat strings, VB users must be careful when calling SPGP functions.
1. Passing Strings
A String variable must be declared in the function as "ByVal"; when declared in the Sub it must be of fixed length; and though apparently it is not strictly required in every instance, it should always have a null ("Chr(0)") added to the end before it is passed to the function, just to be sure.
This is especially important when passing passphrases. Because fixed-length strings are filled with zeroes, a variable declared as String * 15 and assigned the value "passphrase & Chr(0)" looks like this: "passphrase[null] ". The DLL uses the null to find the end of the meaningful data in the string and ignore the zeroes. Without the null, it looks like this: "passphrase ", and this is what your data will be encrypted with, instead of "passphrase". This may make it difficult or impossible to decrypt later. Always include the null, no matter how small the string you are passing.
Visual Basic users can examine the sample program for examples of the necessary string-handling procedure.
2. Strings as Buffers
For those unfamiliar with this concept: when passing in a string to be used as a buffer for output, it is necessary to tell the function how large the string-buffer is, so that the function will not attempt to write more data to the buffer than the buffer will hold. Buffers receiving an unpredictable amount of data will have a companion variable to hold the buffer's declared size (e.g., BufferOut and BufferOutLen). If the buffer is too small to hold the output, the data will be discarded and the function will return a positive number indicating the size of the data, i.e., the necessary buffer size to hold it. In most cases, a non-zero result can still be treated as an error, but only negative numbers are "error codes" in the usual sense.
(Note that because the strings are null-terminated, the amount of data written to BufferOut will be BufferOutLen -1, to leave room for the null.) No matter the size of a function's output, no more than the buffer's declared size -1 will be written to the buffer.
For this reason it is necessary to either (a) consider the size of the input and estimate a buffer size sufficient to hold the output, or (b) always set aside a buffer that will be big enough in most situations. The choice may depend in the end on individual programming styles. Keep in mind that there is a general increase in size between plain-text and PGP-encrypted text, which becomes most pronounced for very small messages: a single character encrypted with ASCII-armored output will produce several hundred characters of ciphertext.
A string buffer without a companion size variable (e.g., KeyProps in spgpDecode) is assumed to be 256 characters long (255 characters + null).