Specifies a key value for AES (Advanced Encryption Standard) encryption.
Valid in: | DATA step and PROC steps |
Category: | Data Set Control |
Range: | 1 to 64 bytes |
Restrictions: | Use with SAS 9.4 or later only. |
Use only with AES-encrypted data files. | |
Note: | Check your log after this operation to ensure encryption key security. For more information, see Blotting Passwords and Encryption Key Values in SAS Language Reference: Concepts. |
assigns an encrypt key value. You must specify the ENCRYPTKEY= data set option when you are using ENCRYPT=AES. The key value can be up to 64 bytes long. To create an ENCRYPTKEY= key value with or without quotation marks, follow these rules:
%let mykey=abcdefghi12; encryptkey=&mykey encryptkey=key_value encryptkey=key_value1
encryptkey='key_value' encryptkey='1234*#mykey'
encryptkey="key_value" encryptkey="1234*#mykey" %let mykey=Abcdefghi12; encryptkey="&mykey"
When the ENCRYPTKEY= key value uses DBCS characters, the 64-byte limit applies to the character string after it has been transcoded to UTF-8 encoding. You can use the following DATA step to calculate the length in bytes of a key value in DBCS:
data _null_;
key=length(unicodec('key-value','UTF8'));
put 'key length=' key;
run;
Interaction | You cannot change the key value on an AES-encrypted data set without re-creating the data set. |
copy in=OldLib out=NewLib; select salary(encryptkey=key-value); run;
change OldName(gennum=-1 encryptkey=key-value)=NewName; run;
%let secret=myvalue;
data my.dsname(encrypt=aes encryptkey="&secret");
data salary(encrypt=aes encryptkey=green); input name $ yrsal bonuspct; datalines; Muriel 34567 3.2 Bjorn 74644 2.5 Freda 38755 4.1 Benny 29855 3.5 Agnetha 70998 4.1
proc contents data=salary(encryptkey=green); run;