The driver initiates the processing of encrypted parameters by passing the T-SQL for a prepared statement to the sp_describe_parameter_encryption system stored procedure, which is then used to return metadata for the encrypted parameters in statement. To maintain data type integrity, the server requires that the T-SQL data type, length, precision and scale values specified by the driver match those of the underlying native data type referenced by the parameters in the T-SQL statement. However, since some of the native data types do not have a one-to-one mapping to a JDBC type¹, the driver may not be able to communicate the T-SQL type to the server when calling this procedure. When this occurs, the procedure will fail to execute with an Operand type clash error.

To correct this issue, functionality was added to allow the driver to automatically discover the underlying type and adjust the T-SQL passed to the the sp_describe_parameter_encryption procedure. This behavior is disabled by default when Always Encrypted functionality is enabled (ColumnEncryption=Enabled | ResultsetOnly). To enable data type discovery, configure the following connection properties with the values provided:

When these values are specified, the driver makes an extra call to the server to retrieve accurate metadata to pass to the sp_describe_column_encryption procedure, which results in the gathering of encryption metadata and allows for encryption and decryption to succeed.