| From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Transparent column encryption |
| Date: | 2023-03-23 13:54:48 |
| Message-ID: | 71adec5d-28a8-12c2-ccb7-f4eebeed2058@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 22.03.23 10:00, Peter Eisentraut wrote:
>> I get that for the type, but why do we need the typmod duplicated as
>> well?
>
> Earlier patch versions didn't do that, but that got really confusing
> about which type the typmod really belonged to, since code currently
> assumes that typid+typmod makes sense. Earlier patch versions had three
> fields (usertypid, keyid, encalg), and then I changed it to (usertypid,
> usertypmod, keyid) and instead placed the encalg into the real typmod,
> which made everything much cleaner.
I thought about this some more. I think we could get rid of
attusertypmod and just hardcode it as -1. The idea would be that if you
ask for an encrypted column of type, say, varchar(500), the server isn't
able to enforce that anyway, so we could just prohibit specifying a
nondefault typmod for encrypted columns.
I'm not sure if there are weird types that use typmods in some way where
this wouldn't work. But so far I could not think of anything.
I'll look into this some more.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2023-03-23 14:04:11 | Re: HOT chain validation in verify_heapam() |
| Previous Message | Imseih (AWS), Sami | 2023-03-23 13:54:05 | Re: [BUG] pg_stat_statements and extended query protocol |