Re: Postgresql + digital signature - Mailing list pgsql-general

From Marko Kreen
Subject Re: Postgresql + digital signature
Date
Msg-id e51f66da0801230452q184b38d8u39bc4013fa939e3f@mail.gmail.com
Whole thread Raw
In response to Postgresql + digital signature  ("Luis Alberto Pérez Paz" <midriasis@gmail.com>)
List pgsql-general
On 1/23/08, Luis Alberto Pérez Paz <midriasis@gmail.com> wrote:
> I'm working in a project which is using postgres (great database!, I love
> it)
>
> We're in a stage where I need to implement a mechanism to prevent the data
> modification.
>
> I'm thinking on 'Digital Signatures' (maybe RSA) in each row. If there's a
> modification, the signature doesn't verify.
>
>
> However before start I need your help to know:
>
> Is there in postgres something functionality like this?
> Does any know if there's something similar another database system?

There is hmac() in pgcrypto, basically digest() with key.
It should be enough if you are ok with symmeric keys.

For public keys there is also pgp_pub_encrypt/decrypt but not
sign/verify.  You emulate them with digest() + pub_encrypt,
but that would be ugly, you are better off doing proper
sign/verity in client.

Another path would be to look for PLs that have module for
sign+verify - I'd guess that both plpythonu and plperlu
should have those.

--
marko

pgsql-general by date:

Previous
From: "T.J. Adami"
Date:
Subject: Re: Installing PGSQL
Next
From: "T.J. Adami"
Date:
Subject: Re: postgresql source build instructions for ubuntu 7.04