Question: pgp_sym_decrypt/pgp_sym_encrypt - Mailing list pgsql-general

From atirek khare
Subject Question: pgp_sym_decrypt/pgp_sym_encrypt
Date
Msg-id CAH-hWTydOWB22CsJHoWZ0UBsj1J-yviJfMhc8A+wk0kPzLKvOQ@mail.gmail.com
Whole thread Raw
List pgsql-general

Hi,

I’m trying to use pgcrypto for encryption/ decryption of column from SpringBoot Java application. The function I am using is pgp_sym_encrypt/ decrypt.

 

Postgres Version: 12.3

E.g.

insert into employee values (1, 'Jay', '1 down str',  20, pgp_sym_encrypt('ABC-220','emp_sec_key'));

select empno, ename, address, pgp_sym_decrypt(account_number::bytea,'emp_sec_key') from employee;

 

We want key to be stored and read from secure vault. We explored several options, however not able set the key in encrypt/ decrypt function from variable whose value is read from vault. It seems the function is not recognizing the variable value.

 

With hardcoded key in function the encryption and decryption is working fine.

 

Could you pls assist with:

  1. Can we pass key to function pgp_sym_decrypt/ encrypt from variable?
  2. Any sample code where this has been achieved?

 

Thanks

Atirek

pgsql-general by date:

Previous
From: Stephen Frost
Date:
Subject: Re: pgbackrest - hiding the encryption password
Next
From: David Steele
Date:
Subject: Re: pgbackrest - hiding the encryption password