Re: Transparent column encryption

On 12.02.23 15:48, Mark Dilger wrote:
> I should mention, src/sgml/html/libpq-exec.html needs clarification:
>
>> paramFormats[]Specifies whether parameters are text (put a zero in the array entry for the corresponding parameter) or binary (put a one in the array entry for the corresponding parameter). If the array pointer is null then all parameters are presumed to be text strings.
>
> Perhaps you should edit this last sentence to say that all parameters are presumed to be test strings without forced encryption.

This is actually already mentioned later in that section.

>> When column encryption is enabled, the second-least-significant byte of this parameter specifies whether encryption should be forced for a parameter.
>
> The value 0x10 has a one as its second-least-significant *nibble*, but that's a really strange way to describe the high-order nibble, and perhaps not what you mean. Could you clarify?
>
>> Set this byte to one to force encryption.
>
> I think setting the byte to one (0x01) means "binary unencrypted", not "force encryption". Don't you mean to set this byte to 16?
>
>> For example, use the C code literal 0x10 to specify text format with forced encryption. If the array pointer is null then encryption is not forced for any parameter.
>> If encryption is forced for a parameter but the parameter does not correspond to an encrypted column on the server, then the call will fail and the parameter will not be sent. This can be used for additional security against a compromised server. (The drawback is that application code then needs to be kept up to date with knowledge about which columns are encrypted rather than letting the server specify this.)

This was me being confused. I adjusted the text to use "half-byte".

> I think you should say something about how specifying 0x11 will behave -- in other words, asking for encrypted binary data. I believe that this is will draw a "format must be text for encrypted parameter" error, and that the docs should clearly say so.

done