Re: Transparent column encryption

On 11.01.23 17:46, vignesh C wrote:
> On Sat, 31 Dec 2022 at 19:47, Peter Eisentraut
> <peter(dot)eisentraut(at)enterprisedb(dot)com> wrote:
>>
>> On 21.12.22 06:46, Peter Eisentraut wrote:
>>> And another update. The main changes are that I added an 'unspecified'
>>> CMK algorithm, which indicates that the external KMS knows what it is
>>> but the database system doesn't. This was discussed a while ago. I
>>> also changed some details about how the "cmklookup" works in libpq. Also
>>> added more code comments and documentation and rearranged some code.
>>>
>>> According to my local todo list, this patch is now complete.
>>
>> Another update, with some merge conflicts resolved. I also fixed up the
>> remaining TODO markers in the code, which had something to do with Perl
>> and Windows. I did some more work on schema handling, e.g., CREATE
>> TABLE / LIKE, views, partitioning etc. on top of encrypted columns,
>> mostly tedious and repetitive, nothing interesting. I also rewrote the
>> code that extracts the underlying tables and columns corresponding to
>> query parameters. It's now much simpler and better encapsulated.
>
> The patch does not apply on top of HEAD as in [1], please post a rebased patch:

Here is a new patch. Changes since v14:

- Fixed some typos (review by Justin Pryzby)
- Fixed backward compat. psql and pg_dump (review by Justin Pryzby)
- Doc additions (review by Jacob Champion)
- Validate column_encryption option in libpq (review by Jacob Champion)
- Handle column encryption in inheritance
- Change CEKs and CMKs to live inside schemas