I've got an encrypted field that is used as one of the subscripts in a
multi-field index, with the structure for the index being ^UICREDIT(field1,
field2, record id) with field 2 being the encrypted field. The data has
been encrypted using the AESEncode method from the $system.Encryption class.
Specifying retrieval code for this field works for getting the data from
disk when a query is executed, however, I've run into problems with indexes
that use encrypted fields. The retrieval code does not work when doing
traversals on the index. Intersystems suggested that I write a user-defined
data type for encrypted fields. I've tried that, creating a rough Encrypted
data type class that has a StorageToLogical and LogicalToStorage method.
The StorageToLogical method gets generated into the compiled SQL if the
field is mapped as Encrypted. However, it still isn't being used for the
encrypted subscript.
Since that didn't work, I modified the SQL Storage map for the index global
in Studio, specifying the access type for the encrypted subscript as Sub,
with an expression of: ##class(arch.system.Encrypted).FieldDecryption(Data).
This does get generated into the global when it is referenced in the
compiled SQL:
s
%cur123850d(1)=$o(^UICREDIT(%cur123850d(4),##class(arch.system.Encrypted).Fi
eldDecryption(Data),%cur123850d(1)))
However, if instead of data I pass in {L2} for the subscript level the class
won't compile. If I use the field's SqlFieldName, {AUCREDIT} then the class
method call is not added to the compiled SQL.
Does anyone have any thoughts on this, or any experience with writing data
type classes, or with using the $system.Encryption class? Any help would be
greatly appreciated. Thanks.
Nick Hershberger
