From: | Luca Ferrari <fluca1978(at)gmail(dot)com> |
---|---|
To: | Vikas Sharma <shavikas(at)gmail(dot)com> |
Cc: | pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
Subject: | Re: pgcrypto - real life examples to encrypt / decrypt |
Date: | 2021-08-03 12:43:12 |
Message-ID: | CAKoxK+7qj0oMz+dNSoj9KR5CKHNmJVaRdSc4c9NrG1bNa2f9GA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Tue, Aug 3, 2021 at 1:03 PM Vikas Sharma <shavikas(at)gmail(dot)com> wrote:
> My question is, can I use the gpg public/secret key instead of the 'Secret password' in above PGP_Sym_encrypt/decrypt? I can create a wrapper function to read the public/secret keys to hide it from appearing as clear text.
I think you are looking for something like:
pgp_pub_encrypt( clear_text,
dearmor( '-----BEGIN PGP PUBLIC KEY BLOCK-----
...
-----END PGP PUBLIC KEY BLOCK-----' ) );
>
> still researching how to encrypt a column with sensitive data as a best practice to use in OLTP production with minimal impact on performance.
Clearly, as you add more stuff to do, performances will be lower. I
strongly recommend you to analyze if column encryption is really what
you need for your purposes, because in my little experience it is
often too much work with regard to other approaches (e.g., disk and
backup encryption).
Luca
From | Date | Subject | |
---|---|---|---|
Next Message | Luca Ferrari | 2021-08-03 12:54:42 | Re: Postgres 9.6 to 12.7 pg_upgrade error - terminating connection due to administrator command |
Previous Message | Luca Ferrari | 2021-08-03 12:39:16 | Re: Unexpected block ID found when reading data |