Re: GPG signing - Mailing list pgsql-general

From Bruce Momjian
Subject Re: GPG signing
Date
Msg-id 20200603204651.GA28673@momjian.us
In response to Re: GPG signing  (Tim Cross <theophilusx@gmail.com>)
List pgsql-general
On Wed, May 27, 2020 at 10:14:46AM +1000, Tim Cross wrote:
> 
> Marc Munro <marc@bloodnok.com> writes:
> 
> > I need to be able to cryptographically sign objects in my database
> > using a public key scheme.
> >
> > Is my only option to install plpython or some such thing?   Python
> > generally makes me unhappy as I'm never convinced of its stability or
> > the quality of its APIs, and it is not obvious to me which of the many
> > different gpg-ish packages I should choose.
> >
> > Any other options?  Am I missing something?
> >
> 
> This is something you would normally implement at the application level,
> using the database as just the store for the data and signatures or
> signed digests.
> 
> Main reason for this is to allow for secure key management. It is very
> difficult to implement a secure key management solution at the database
> level unless it is designed into the fundamental architecture of the
> rdbms. It is the same age-old problem - how can you encrypt data AND
> have the keys for the encrypted data in the same place. The main reason
> for encryption is so that if your store gets compromised, the data
> cannot be read. However, if your key is also in the store, then when
> you're compromised, your key is compromised and your encryption becomes a
> moot issue.

This blog entry illustrates row signing on the client side:

    https://momjian.us/main/blogs/pgblog/2018.html#September_7_2018

-- 
  Bruce Momjian  <bruce@momjian.us>        https://momjian.us
  EnterpriseDB                             https://enterprisedb.com

  The usefulness of a cup is in its emptiness, Bruce Lee
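As an added illustration of what both replies describe (signing at the application level, with the database holding only the row and its signature, and verification on the client), here is a small Go program. It is not code from the thread or from the linked blog post; the table columns, the use of Ed25519, and the length-prefixed canonical form are all assumptions made for the example. The private key never leaves the client, which is the key-management point Tim makes; the database only ever sees the signature column.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Row is a hypothetical table row; the columns are constructed for this
// example. Money is kept as text so the signed bytes match what is stored.
type Row struct {
	ID     int64
	Owner  string
	Amount string
}

// canonicalDigest serializes the signed columns in a fixed order, each
// prefixed by its length. Plain concatenation would let ("ab","c") and
// ("a","bc") produce the same bytes, so the prefix removes that ambiguity.
// The SHA-256 of that byte string is the "signed digest" stored per row.
func canonicalDigest(r Row) []byte {
	var b strings.Builder
	for _, f := range []string{fmt.Sprint(r.ID), r.Owner, r.Amount} {
		fmt.Fprintf(&b, "%d:%s|", len(f), f)
	}
	sum := sha256.Sum256([]byte(b.String()))
	return sum[:]
}

// SignRow runs on the client, the only place the private key exists.
// The returned hex string is what goes into a signature column.
func SignRow(priv ed25519.PrivateKey, r Row) string {
	return hex.EncodeToString(ed25519.Sign(priv, canonicalDigest(r)))
}

// VerifyRow needs only the public key, so any reader of the table can
// check a row without having any secret material.
func VerifyRow(pub ed25519.PublicKey, r Row, sigHex string) bool {
	sig, err := hex.DecodeString(sigHex)
	if err != nil {
		return false
	}
	return ed25519.Verify(pub, canonicalDigest(r), sig)
}

func main() {
	// Key generation would normally happen once, outside the database.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}

	row := Row{ID: 42, Owner: "alice", Amount: "10.00"}
	sig := SignRow(priv, row)
	// In practice: INSERT INTO t (id, owner, amount, sig) VALUES (...).
	fmt.Println("stored signature:", sig)
	fmt.Println("verifies as stored:", VerifyRow(pub, row, sig))

	// A modification made directly in the store is detected on read-back.
	row.Amount = "1000.00"
	fmt.Println("verifies after tamper:", VerifyRow(pub, row, sig))
}
```

Which columns are covered by the signature is a design decision: anything left out of canonicalDigest can be changed in the store without detection, so the row's primary key should normally be included to stop a valid signature from being copied onto another row.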
