pgcrypto encrypt
Hello!
Is there a way to decrypt data encrypted with the pgcrypto "encrypt"
function, outside the database? Assuming that I know the key etc...
Thanks!
-- Stephen
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On Wed, Sep 6, 2017 at 04:19:52PM -0400, Stephen Cook wrote:
Hello!
Is there a way to decrypt data encrypted with the pgcrypto "encrypt"
function, outside the database? Assuming that I know the key etc...
Yes, I think so. pgcrypto uses openssl and gpg internally, so using
those tools should work.
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On Tue, Sep 19, 2017 at 12:20 PM, Bruce Momjian <bruce@momjian.us> wrote:
On Wed, Sep 6, 2017 at 04:19:52PM -0400, Stephen Cook wrote:
Hello!
Is there a way to decrypt data encrypted with the pgcrypto "encrypt"
function, outside the database? Assuming that I know the key etc...Yes, I think so. pgcrypto uses openssl and gpg internally, so using
those tools should work.
I know that pgp_sym_encrypt and pgp_sym_decrypt interoperates well with
"outside the database" gpg, although dealing with armoring and de-armoring
as well as text mode or binary mode is a bit of a bother until you get used
to it.
But he seems to be asking about the "F.25.4. Raw Encryption Functions". I
wouldn't want to reassure him that it would be easy to make those work
outside the database, without having seen it done. But it should of course
be possible to make it work, even if that means rearranging the code of
pgcrypto and compiling into something that is standalone.
Cheers,
Jeff
On Tue, Sep 19, 2017 at 12:42:40PM -0700, Jeff Janes wrote:
On Tue, Sep 19, 2017 at 12:20 PM, Bruce Momjian <bruce@momjian.us> wrote:
On Wed, Sep� 6, 2017 at 04:19:52PM -0400, Stephen Cook wrote:
Hello!
Is there a way to decrypt data encrypted with the pgcrypto "encrypt"
function, outside the database? Assuming that I know the key etc...Yes, I think so.� pgcrypto uses openssl and gpg internally, so using
those tools should work.I know that�pgp_sym_encrypt and pgp_sym_decrypt interoperates well with
"outside the database" gpg, although dealing with armoring and de-armoring as
well as text mode or binary mode is a bit of a bother until you get used to it.But he seems to be asking about the "F.25.4. Raw Encryption Functions".� I
wouldn't want to reassure him that it would be easy to make those work outside
the database, without having seen it done.� But it should of course be possible
to make it work, even if that means rearranging the code of pgcrypto and
compiling into something that is standalone.
Uh, it should be possible with openssl, but I have never tried it.
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On 2017-09-19 15:42, Jeff Janes wrote:
On Tue, Sep 19, 2017 at 12:20 PM, Bruce Momjian <bruce@momjian.us
<mailto:bruce@momjian.us>> wrote:On Wed, Sep 6, 2017 at 04:19:52PM -0400, Stephen Cook wrote:
Hello!
Is there a way to decrypt data encrypted with the pgcrypto "encrypt"
function, outside the database? Assuming that I know the key etc...Yes, I think so. pgcrypto uses openssl and gpg internally, so using
those tools should work.I know that pgp_sym_encrypt and pgp_sym_decrypt interoperates well with
"outside the database" gpg, although dealing with armoring and
de-armoring as well as text mode or binary mode is a bit of a bother
until you get used to it.But he seems to be asking about the "F.25.4. Raw Encryption Functions".
I wouldn't want to reassure him that it would be easy to make those work
outside the database, without having seen it done. But it should of
course be possible to make it work, even if that means rearranging the
code of pgcrypto and compiling into something that is standalone.
Cheers,Jeff
Yes, I mean the "Raw Encryption Functions". I am aware that this is not
the recommended method, but there are limitations with this client and
this is what we are using.
I was hoping that it is a standard algorithm, something that could be
implemented in whatever language they are using for ETL. We have one
column encrypted with "encrypt". When this table is exported the guys on
the other end need to decrypt it, without access to a PostgreSQL instance.
I'm already pushing for a rewrite of this part, but if anyone knows
anything about getting that data, I'm all ears.
-- Stephen
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general