By default, encryption and decryption are handled by the remote SAP ASE.
CIS makes a one-time check for encrypted columns on the remote SAP ASE. If the remote SAP ASE supports encryption, CIS updates the local syscolumns catalog with the encrypted-column-related metadata as follows:
create proxy_table automatically updates syscolumns with any encrypted-column information from the remote tables.
create existing table automatically updates syscolumns with any encrypted-column metadata from the remote tables. The encrypt keyword is not allowed in the column_list for create existing table. CIS automatically marks columns as encrypted if it finds any encrypted columns on the remote table.
create table at the location with encrypted columns is not allowed.
alter table is not allowed on encrypted columns for proxy tables.
select into existing brings the plain text from the source and inserts it into destination table. The local SAP ASE then encrypts the plain text before insertion into any encrypted columns.
encrtype – type of data on disk.
encrlen – length of encrypted data.
status2 – status bits that indicate that column is encrypted.