On 8/3/21 8:43 AM, Luca Ferrari wrote: > On Tue, Aug 3, 2021 at 1:03 PM Vikas Sharma <shavikas@gmail.com> wrote: >> My question is, can I use the gpg public/secret key instead of the 'Secret password' in above PGP_Sym_encrypt/decrypt? I can create a wrapper function to read the public/secret keys to hide it from appearing as clear text. > > I think you are looking for something like: > > pgp_pub_encrypt( clear_text, > dearmor( '-----BEGIN PGP PUBLIC KEY BLOCK----- > ... > -----END PGP PUBLIC KEY BLOCK-----' ) ); > > >> >> still researching how to encrypt a column with sensitive data as a best practice to use in OLTP production with minimal impact on performance. > > Clearly, as you add more stuff to do, performances will be lower. I > strongly recommend you to analyze if column encryption is really what > you need for your purposes, because in my little experience it is > often too much work with regard to other approaches (e.g., disk and > backup encryption).
Generally agreed. This topic is vast and complex and probably beyond what most people want to discuss by typing (at least for me) ;-)
That said, you might find this extension written by Bruce Momjian useful:
