Re: pgcrypto - real life examples to encrypt / decrypt

Thanks you Guys,

These are very helpful pointers. I will go away and see how much depth I do
need.

Regards
Vikas S.

On Tue, 3 Aug 2021 at 14:36, Joe Conway <mail(at)joeconway(dot)com> wrote:

> On 8/3/21 8:43 AM, Luca Ferrari wrote:
> > On Tue, Aug 3, 2021 at 1:03 PM Vikas Sharma <shavikas(at)gmail(dot)com> wrote:
> >> My question is, can I use the gpg public/secret key instead of the
> 'Secret password' in above PGP_Sym_encrypt/decrypt? I can create a wrapper
> function to read the public/secret keys to hide it from appearing as clear
> text.
> >
> > I think you are looking for something like:
> >
> > pgp_pub_encrypt( clear_text,
> > dearmor( '-----BEGIN PGP PUBLIC KEY BLOCK-----
> > ...
> > -----END PGP PUBLIC KEY BLOCK-----' ) );
> >
> >
> >>
> >> still researching how to encrypt a column with sensitive data as a best
> practice to use in OLTP production with minimal impact on performance.
> >
> > Clearly, as you add more stuff to do, performances will be lower. I
> > strongly recommend you to analyze if column encryption is really what
> > you need for your purposes, because in my little experience it is
> > often too much work with regard to other approaches (e.g., disk and
> > backup encryption).
>
> Generally agreed. This topic is vast and complex and probably beyond
> what most people want to discuss by typing (at least for me) ;-)
>
> That said, you might find this extension written by Bruce Momjian useful:
>
> https://momjian.us/download/pgcryptokey/
>
> HTH,
>
> Joe
> --
> Crunchy Data - http://crunchydata.com
> PostgreSQL Support for Secure Enterprises
> Consulting, Training, & Open Source Development
>