sqledbdescextext data structure
The double extended database description block (sqledbdescextext) structure is used during a call to the sqlecrea API to specify permanent values for database attributes. The double extended database description block specifies values for database encryption parameters. This structure is used in addition to, not instead of, the database description block (sqledbdesc) structure and the extended database description block (sqledbdescext) structure. If this structure is not passed to the sqlecrea API, the database is not encrypted.
API and data structure syntax
SQL_STRUCTURE sqledbdescextext
{
struct sqleDbEncryptionOptions *pDbEncryptionOptions;
void *reserved1;
void *reserved2;
void *reserved;
};
SQL_STRUCTURE sqleDbEncryptionOptions
{
char encryptDb;
unsigned short cipherName;
unsigned short cipherMode;
sqluint32 cipherKeyLen;
char *masterKeyLabel;
sqluint32 masterKeyLabelLen;
void *reserved;
};sqledbdescextext data structure parameters
| Field name | Data type | Description |
|---|---|---|
| PDBENCRYPTIONOPTIONS | Pointer | A pointer to the sqleDbEncryptionOptions structure. This structure is used to specify encryption options for the database. |
| RESERVED1 | Pointer | Reserved for future use. |
| RESERVED2 | Pointer | Reserved for future use. |
| RESERVED | Pointer | Reserved for future use. |
Database encryption options (sqleDbEncryptionOptions) data structure parameters
The database encryption options
(sqleDbEncryptionOptions) structure can be used during a call to the sqlecrea API.
It is an element of the sqledbdescextext structure, and it specifies
encryption options for the database.
| Field name | Data type | Description |
|---|---|---|
| ENCRYPTDB | SMALLINT | Specifies that the database is to be encrypted. See the information that follows this table for values. |
| CIPHERNAME | SMALLINT | Specifies the encryption algorithm that is to be used for encrypting the database. See the information that follows this table for values. |
| CIPHERMODE | SMALLINT | Specifies the encryption algorithm mode that is to be used for encrypting the database. See the information that follows this table for values. |
| CIPHERKEYLEN | SQLUINT32 | Specifies the length of the key that is to be used for encrypting the database. See the information that follows this table for values. |
| MASTERKEYLABEL | CHAR | Specifies a label for the master key that is used to encrypt the database. |
| MASTERKEYLABELLEN | SQLUINT32 | Specifies the length of the label for the master key that is used to encrypt the database. |
| RESERVED | Pointer | Reserved for future use. |
Important: The Triple Data Encryption Standard (3DES) native
encryption option is deprecated and might be removed in a future release. As a replacement, use the
Advanced Encryption Standard (AES) native encryption option.
Valid values
for ENCRYPTDB (defined in sqlenv.h) are:- SQL_ENCRYPT_DB_NO
- Specifies that the database is not to be encrypted. This is the default.
- SQL_ENCRYPT_DB_YES
- Specifies that the database is to be encrypted.
- SQL_ENCRYPT_DB_DEFAULT
- Specifies the default for whether or not the database is to be encrypted.
Valid values for CIPHERNAME (defined
in sqlenv.h) are:
- SQL_CIPHER_DEFAULT
- Specifies the default algorithm for encrypting the database.
- SQL_CIPHER_3DES
- Specifies the Triple Data Encryption Standard (3DES) algorithm for encrypting the database.
- SQL_CIPHER_AES
- Specifies the Advanced Encryption Standard (AES) algorithm for encrypting the database. This is the default.
Valid values for CIPHERMODE (defined
in sqlenv.h) are:
- SQL_CIPHER_MODE_DEFAULT
- Specifies the default encryption algorithm mode for encrypting the database.
- SQL_CIPHER_MODE_CBC
- Specifies the Cipher Block Chaining (CBC) encryption algorithm mode for encrypting the database.
Valid values for CIPHERKEYLEN (defined
in sqlenv.h) are:
- SQL_CIPHER_KEYLEN_DEFAULT
- Specifies the default length of the key that is to be used for encrypting the database.
- SQL_CIPHER_KEYLEN_3DES_168
- Specifies that the length of the key that is to be used for encrypting the database is 168 bits. The key occupies 192 bits of memory. Available with 3DES only.
- SQL_CIPHER_KEYLEN_AES_128
- Specifies that the length of the key that is to be used for encrypting the database is 128 bits. Available with AES only.
- SQL_CIPHER_KEYLEN_AES_192
- Specifies that the length of the key that is to be used for encrypting the database is 192 bits. Available with AES only.
- SQL_CIPHER_KEYLEN_AES_256
- Specifies that the length of the key that is to be used for encrypting the database is 256 bits. Available with AES only.