Participants

Bruce Momjian
Bruce Momjian

Thread Outline

#1Bruce MomjianBruce Momjian
Feb 22, 2019

Unified security key managment

Started by Bruce Momjianalmost 7 years ago1 messages
ThreadedFlat
Oldest FirstNewest First
#1Bruce Momjian
Bruce Momjian
bruce@momjian.us
1 attachment(s)

I know there has been recent discussion about implementing transparent
data encryption (TDE) in Postgres:

/messages/by-id/CAD21AoAqtytk0iH6diCJW24oyJdS4roN-VhrFD53HcNP0s8pzA@mail.gmail.com

I would like to now post a new extension I developed to handle
cryptographic key management in Postgres. It could be used with TDE,
with pgcrypto, and with an auto-encrypted data type. It is called
pgcryptokey and can be downloaded from:

https://momjian.us/download/pgcryptokey/

I am attaching its README file to this email.

The extension uses two-layer key storage, and stores the key in a
Postgres table. It allows the encryption key to be unlocked by the
client, or at boot time. (This would need to be modified to be a global
table if it was used for block-level encryption like TDE.)

I am willing to continue to develop this extension if there is interest.
Should I put it on PGXN eventually? It is something we would want in
/contrib?

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

Attachments:

READMEtext/plain; charset=us-ascii
← Back to Topics