sysencryptkeys

Description

Each key created in a database, including the default key, has an entry in the database-specific system catalog sysencryptkeys.

Columns

The columns for sysencryptkeys are:

Field	Type	Description
id	int	Encryption key ID.
ekalgorithm	int	Encryption algorithm.
type	smallint	Identifies the key type. The values are: 0x1 (decimal 1) – Symmetric key 0x4 (decimal 4) – Default key 0x10 (decimal 16) – Key copy 0x40 (decimal 64) – Recovery key copy
status	int	Internal status information. The bit representations are: 0x1 (decimal 1) – Key uses initialization vector 0x2 (decimal 2) – Key uses random pad 0x4 (decimal 4) – Key is encrypted for lost password protection 0x8 (decimal 8) – Key copy encrypted for login access 0x10 (decimal 16) – Key copy encrypted with login password 0x20 (decimal 32) – Key copy encrypted with system encryption password 0x100 (decimal 256) – Key encrypted with user password
eklen	smallint	User-specified length of key.
value	varbinary(1282)	Encrypted value of a key. Contains a symmetric encryption of the key. To encrypt keys, Adaptive Server uses AES with a 128-bit key from the system encryption, user-specified, or login password.
uid	int null	User ID of key copy assignee.
eksalt	varbinary(20)	Random values used to validate decryption of the encryption key.
ekpairid	int null	Not used.
pwdate	datetime null	Date the password was last changed.
expdate	int null	Not used.
ekpwdwarn	int null	Not used.

The status bits for sysencryptkeys.

**Table 1-11: sysencryptkeys status bits**
Decimal	Hex	Status
	0x00000004	EK_KEYRECOVERY() – keys encrypted for lost password protection.
	0x00000008	EK_LOGINACCESS() – key encrypted for login access
	0x00000010	EK_LOGINPASS () – key encrypted with login password
	0x00000100	EK_USERPWD() – keys encrypted with user-encryption passwords