1# Encryption and Decryption by Segment 2 3The Crypto framework does not have a limit on the amount of the data to be passed in one time or cumulatively during the encryption/decryption process. However, when the amount of data is greater than 2 MB, you are advised to pass in and encrypt/decrypt the data by segment to improve processing efficiency. 4 5## Symmetric Encryption and Decryption 6 7Use [Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1) to pass in and encrypt/decrypt the data of a symmetric key by segment. 8 9You can set the amount of the data to be passed in each time (**updateLength** in the example) and call **update()** multiple times to pass in the data. 10 11Currently, the amount of data that can be passed in each time cannot exceed **INT_MAX** (maximum length of the Uint8Array type). 12 13The value returned by each **update** and **doFinal** must be checked. If the return value is not null, obtain and combine the data segments into the complete ciphertext or plaintext. 14 15Example: [Encryption and Decryption by Segment with an AES Symmetric Key (GCM Mode)](crypto-aes-sym-encrypt-decrypt-gcm-by-segment.md) 16 17Example: [Encryption and Decryption by Segment with an SM4 Symmetric Key (GCM Mode)](crypto-sm4-sym-encrypt-decrypt-gcm-by-segment.md) 18 19## Asymmetric Encryption and Decryption 20 21Use [Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1) and [Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1) to pass in and encrypt/decrypt the data of an asymmetric key pair by segment. 22 23If the plaintext length is greater than the data length supported by a single encryption (see [Asymmetric Key Encryption and Decryption Algorithm Specifications](crypto-asym-encrypt-decrypt-spec.md)), divide the data to be encrypted into data segments of an appropriate length and encrypt each data segment. Specifically, create a **Cipher** instance and call [Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1) and [Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1). 24 25The amount of data to be passed in each time varies, depending on the key specifications. 26 27- RSA: The input data varies depending on the padding mode. Determine the amount of the data to be passed in at a time based on [RSA specifications](crypto-asym-encrypt-decrypt-spec.md#rsa). 28- SM2: The amount of the data to be encrypted must be of the fixed length. For details, see [SM2](crypto-asym-encrypt-decrypt-spec.md#sm2). 29 30The value returned by each **doFinal** must be checked. If the return value is not null, obtain and combine the data segments into the complete ciphertext or plaintext. 31 32Example: [Encryption and Decryption by Segment with an RSA Asymmetric Key Pair](crypto-rsa-asym-encrypt-decrypt-by-segment.md) 33 34## FAQs 35 36- Does the cipher mode affect the amount of the data to be passed in by each **update** in encryption and decryption by segment? 37 38 You can set the amount of the data to be passed in by each **update**. It has nothing to do with the cipher mode. 39 40 The encryption/decryption parameters vary with the cipher mode. For details, see [ParamsSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#paramsspec). 41