| From: | "Marko Kreen" <markokr(at)gmail(dot)com> |
|---|---|
| To: | Luis Alberto Pérez Paz <midriasis(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Postgresql + digital signature |
| Date: | 2008-01-23 12:52:08 |
| Message-ID: | e51f66da0801230452q184b38d8u39bc4013fa939e3f@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 1/23/08, Luis Alberto Pérez Paz <midriasis(at)gmail(dot)com> wrote:
> I'm working in a project which is using postgres (great database!, I love
> it)
>
> We're in a stage where I need to implement a mechanism to prevent the data
> modification.
>
> I'm thinking on 'Digital Signatures' (maybe RSA) in each row. If there's a
> modification, the signature doesn't verify.
>
>
> However before start I need your help to know:
>
> Is there in postgres something functionality like this?
> Does any know if there's something similar another database system?
There is hmac() in pgcrypto, basically digest() with key.
It should be enough if you are ok with symmeric keys.
For public keys there is also pgp_pub_encrypt/decrypt but not
sign/verify. You emulate them with digest() + pub_encrypt,
but that would be ugly, you are better off doing proper
sign/verity in client.
Another path would be to look for PLs that have module for
sign+verify - I'd guess that both plpythonu and plperlu
should have those.
--
marko
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rick Schumeyer | 2008-01-23 13:46:03 | Tips for upgrading from 7.4 |
| Previous Message | T.J. Adami | 2008-01-23 12:47:25 | Re: postgresql source build instructions for ubuntu 7.04 |