CREATE DECRYPTED FILE statement

This statement creates a decrypted copy of a strongly encrypted database. You can also use this statement to create decrypted copies of other database related files such as transaction logs, transaction log mirrors, and dbspaces.

Syntax
CREATE DECRYPTED FILE newfile
FROM oldfile KEY key
Parameters
  • FROM clause   Lists the file name of the encrypted file.

  • KEY clause   Lists the key required to access the encrypted file.

Remarks

Use this statement when your database requires recovery and you need to create a decrypted copy of the database for support reasons. You must also use this statement to decrypt any database-related files such as the transaction log, transaction log mirror, or dbspace files.

The original database file must be strongly encrypted using an encryption key. The resulting file is an exact copy of the encrypted file, without encryption and therefore requiring no encryption key.

If a database is decrypted using this statement, the corresponding transaction log file (and any dbspaces) must also be decrypted to use the database.

If a database requiring recovery is decrypted, its transaction log file must also be decrypted and recovery on the new database will still be necessary. The name of the transaction log file remains the same in this process, so if the database and transaction log file are renamed, then you need to run dblog -t on the resulting database.

You cannot use this statement on a database on which table encryption is enabled. If you have tables you want to decrypt, use the NOT ENCRYPTED clause of the ALTER TABLE statements to decrypt them. See ALTER TABLE statement.

Note

For databases created with SQL Anywhere version 11.0.0 and later, the ISYSCOLSTAT, ISYSUSER, and ISYSEXTERNLOGIN system tables always remain encrypted to protect the data from unauthorized access to the database file.

This statement is not supported in procedures, triggers, events, or batches.

Permissions

Must be a user with DBA authority.

Side effects

None.

See also
Standards and compatibility
  • SQL/2003   Vendor extension.

Example

The following example decrypts the contacts database and creates a new unencrypted database called contacts2.

CREATE DECRYPTED FILE 'contacts2.db'
FROM 'contacts.db'
KEY 'Sd8f6654*Mnn';