The syntax for alter encryption key is:
alter encryption key [database_name.[ owner ] . ] key_name
{ [ as | not default ]
| [ with passwd
'password' | system_encr_passwd | login_password ]
modify encryption
[with passwd
'password' | login_passwd |
system_encr_passwd ]
| with passwd 'password'
add encryption [ with passwd 'password' ]
for user user_name
[ for login_association | for recovery ]
| drop encryption for
{ user user_name | key recovery }
| [ with passwd 'password ']
recover encryption with passwd 'password'
| modify owner user_name
}
key_name – name for a column encryption key.
as [not] default – indicates that the database default property should be assigned to, or unassigned from, this key.
with passwd – specifies the current password Adaptive Server uses to decrypt the column encryption key. If you do not specify with passwd, the default is system_encr_passwd.
password – specifies the new password Adaptive Server uses to encrypt the key or key copy. password can up to 255 bytes long.
login_passwd – the login password for the user. login_password can be up to 255 bytes long.
system_encr_passwd – the system encryption password for the current database.
modify encryption – indicates you are modifying the encryption key or key copy.
add encryption – adds encrypted key copy for a designated user.
for user – specifies the user for whom you are adding or dropping a key copy.
for login_association – indicates that the key copy being added is encrypted by the assigned user’s login password during his or her first access to this key.
for recovery – indicates this key copy is for recovery purposes.
drop encryption – indicates that you are dropping the key copy for the specified user.
recover encryption – makes the base key accessible to a new password.
modify owner – changes the key’s owner to the specified user.
