Enterprise Edition Home | Express Edition Home | Previous Page | Next Page   Data Types and Expressions > Expression >

DECRYPT_BINARY Function

The DECRYPT_BINARY function accepts as its first argument an encrypted_data large object of type BLOB or CLOB. You must specify a password as its second argument, unless the SET ENCRYPTION statement has specified as the default for this session the same password by which the first argument was encrypted.

If the call to DECRYPT_BINARY is successful, it returns a BLOB or CLOB large object that contains the plain text version of the encrypted_data argument.

If the first argument to DECRYPT_BINARY is an encrypted value of a character data type, Dynamic Server invokes the DECRYPT_CHAR function and attempts to decrypt the specified value.

If the first argument to DECRYPT_BINARY is not an encrypted value, or if the second argument (or the default password specified by SET ENCRYPTION) is not the password that was used when the first argument was encrypted, Dynamic Server issues an error, and the call to DECRYPT_BINARY fails. (See the description of the GETHINT Function for one possible action to take when you cannot remember the password that was used for encryption.)

Do not use DECRYPT_BINARY (or any other decryption function) to create a functional index on an encrypted column. This would store the decrypted values as plain text data in the database, defeating the purpose of encryption.

For additional information about using data encryption in column values of Dynamic Server databases, see Encryption and Decryption Functions, and SET ENCRYPTION PASSWORD.

Enterprise Edition Home | Express Edition Home | [ Top of Page | Previous Page | Next Page | Contents | Index ]