From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
---|---|
To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Cc: | vignesh C <vignesh21(at)gmail(dot)com> |
Subject: | Re: Transparent column encryption |
Date: | 2023-01-25 18:44:37 |
Message-ID: | 1034b6f1-ccab-8a22-c843-71104ebedf01@enterprisedb.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 11.01.23 17:46, vignesh C wrote:
> On Sat, 31 Dec 2022 at 19:47, Peter Eisentraut
> <peter(dot)eisentraut(at)enterprisedb(dot)com> wrote:
>>
>> On 21.12.22 06:46, Peter Eisentraut wrote:
>>> And another update. The main changes are that I added an 'unspecified'
>>> CMK algorithm, which indicates that the external KMS knows what it is
>>> but the database system doesn't. This was discussed a while ago. I
>>> also changed some details about how the "cmklookup" works in libpq. Also
>>> added more code comments and documentation and rearranged some code.
>>>
>>> According to my local todo list, this patch is now complete.
>>
>> Another update, with some merge conflicts resolved. I also fixed up the
>> remaining TODO markers in the code, which had something to do with Perl
>> and Windows. I did some more work on schema handling, e.g., CREATE
>> TABLE / LIKE, views, partitioning etc. on top of encrypted columns,
>> mostly tedious and repetitive, nothing interesting. I also rewrote the
>> code that extracts the underlying tables and columns corresponding to
>> query parameters. It's now much simpler and better encapsulated.
>
> The patch does not apply on top of HEAD as in [1], please post a rebased patch:
Here is a new patch. Changes since v14:
- Fixed some typos (review by Justin Pryzby)
- Fixed backward compat. psql and pg_dump (review by Justin Pryzby)
- Doc additions (review by Jacob Champion)
- Validate column_encryption option in libpq (review by Jacob Champion)
- Handle column encryption in inheritance
- Change CEKs and CMKs to live inside schemas
Attachment | Content-Type | Size |
---|---|---|
v15-0001-Transparent-column-encryption.patch | text/plain | 413.7 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2023-01-25 18:45:18 | Re: Transparent column encryption |
Previous Message | Dimos Stamatakis | 2023-01-25 18:38:55 | pg_upgrade from PG-14.5 to PG-15.1 failing due to non-existing function |