sp_encryption help | helpkey
sp_encryption help | helpkey [, keyname | wildcard] [, all_dbs | key_copy | display_cols ]
sp_encryption [help | helpkey][, system_encr_password] [, display_keys | all_dbs]
sp_encryption helpcol [, table_name | column_name ]
sp_encryption helpuser [, user_name | wildcard ][, key_copy]
helpkey – lists encryption key properties, including:
Whether the database contains encryption keys.
When run by a user with sso_role, key custodian, or DBO: key name, key owner, key length, key algorithm, key type, pad, initialization vector, type of password used to encrypt the key, whether key recovery has been enabled and count of key copies.
The output is sorted on owner.key name. When run by a non-privileged user, this command lists keyname, key owner and key type.
help – included for backward compatibility. Includes the same output as helpkey.
keyname – name of the key you are investigating. Lists the properties defined for keyname. If keyname is omitted, lists properties for all keys.
wildcard – lists the properties for keys matching the wildcard pattern in the current database.
For information on using wildcard characters, see Chapter 4, “Using wildcard characters” in Reference Manual:Building Blocks.
all_dbs – lists information on encryption keys in all available databases. Only the SSO can run all_dbs.
key_copy – lists all user copies for the specified key in the current database. The output is sorted by key_owner.keyname and includes information about:
The base key owner.
Whether the key copy is a recovery key copy.
The user to whom a copy belongs.
Whether the copy is encrypted with a user-encryption password, a login password, or the system encryption password for login association (indicated in the output by Login Access).
display_cols – displays the key name, all keys (or matching wildcard keys) in the current database, and the columns the key encrypts. When SSO includes display_cols, all columns encrypted by the keys across all available databases are included. When a user without the sso_role runs display_cols, only those columns encrypted by the key in the current database appear. Data is sorted by keyname, key_owner, database, table_owner, table_name, and column_name.
helpcol column_name – displays the column name and the key used to encrypt the column. If the SSO includes helpcol, the key name appears in the output, even if the key is not present in the current database. If a user without the SSO includes helpcol, Adaptive Server prints the keyid of the key if it is not present in the current database, omitting the keyname. The output includes: owner.table.column, database.owner.keyname. The information is sorted by owner.table.column.
helpuser – displays the keys owned by or assigned to a user in the current database.
system_encr_passwd – displays the keys and key copies that are encrypted using the system encryption password in the current database.
system_encr_passwd, all_dbs – displays the properties of the system encryption password in every database where it has been set. The output is sorted by . Only the SSO can run this command. If the system encryption password has not been set for all databases, you see:
The system encryption password has not been set for all available databases
display_keys – used with system_encr_passwd to display the keys and key copies that are encrypted using the system encryption password.
