VoltageSecureAccess

Sends encrypted values to Voltage SecureData for decryption.

Syntax

VoltageSecureAccess('encrypted_value' USING PARAMETERS format='format_name' 
                    [, config_dfs_path='filename']
                    [, identity='sd_identity'])

Parameters

encrypted_value A VARCHAR value that was encrypted using SecureData. You must cast other data types (for example DATE values) to VARCHAR when calling this function.
format_name A string containing the name of encrypted_value's FPE format. This format must match the format used to encrypt the value, or the result will be a random value. SecureData has no way to tell if the value passed to it was actually encrypted or not, or what FPE format was used.
filename

String containing the file name of the configuration file to use when authenticating with the SecureData appliance. You must create this file using VoltageSecureConfigure. If you do not supply this parameter, you must set session parameters to configure access to SecureData. See Configuring Access to SecureData. Any values set in session parameters override the values in this file.
sd_identity A string containing the identity to use when decrypting the data. Because SecureData uses the identity to determine encryption keys, this identity much match the identity used to encrypt the data. If supplied, this value overrides any identity value set in the configuration file or session parameter.

Examples

The following example decrypts a Social Security Number (SSN) originally encrypted with a predefined format.

=> SELECT VoltageSecureAccess('376-69-6789' USING PARAMETERS format='ssn');
 VoltageSecureAccess 
---------------------
 123-45-6789
(1 row)

This example demonstrates decrypting an encrypted column within a query.

=> SELECT id, 
          first_name, 
          last_name, 
          VoltageSecureAccess(ssn USING PARAMETERS format='ssn', 
                              config_dfs_path='/voltagesecure/conf') AS ssn,  
          dob 
      FROM customers 
      WHERE dob < '1970-1-1' 
      ORDER BY id ASC 
      LIMIT 10; 

  id  | first_name | last_name  |     ssn     |    dob
------+------------+------------+-------------+------------
 5346 | Talon      | Wilkins    | 540-48-0784 | 1941-09-17
 5347 | Daquan     | Phelps     | 785-34-0092 | 1963-05-08
 5348 | Basia      | Lopez      | 011-85-0705 | 1940-04-29
 5349 | Kaseem     | Hendrix    | 672-57-0309 | 1942-03-11
 5350 | Omar       | Lott       | 825-45-0131 | 1956-02-17
 5352 | Illana     | Middleton  | 831-47-0929 | 1949-12-29
 5353 | Garrett    | Williamson | 408-73-0207 | 1955-11-06
 5354 | Hanna      | Ware       | 694-97-0394 | 1967-08-08
 5355 | Quinn      | Pruitt     | 818-91-0359 | 1965-11-14
 5356 | Clayton    | Santiago   | 102-56-0010 | 1958-02-02
(10 rows)

The following example decrypts Unicode using a predefined format. For a full list of predefined formats, consult the Voltage SecureData documentation.

=> SELECT VoltageSecureAccess('607-Òdìçç-ぶてぴねら' using parameters format='PREDEFINED::JU_AUTO_TYPE');
VoltageSecureAccess
----------------------
123-Hello-こんにちは

See Also