pdpotter commented on issue #215:
URL: https://github.com/apache/incubator-age/issues/215#issuecomment-1123294063
One way to do this would be to do the encryption on the client or
application server. If the application server and database server are on
separate hosts, this has the additional advantage that the keys are stored on a
different system than the encrypted data. If the data doesn't need to be
decrypted later on (e.g., if it is only necessary to check if an entered phone
number is the same as a phone number stored in the database), it's best to use
a hash function with a salt.
Using `PGP_SYM_ENCRYPT` from `pgcrypto` doesn't seem to work:
```
SELECT * FROM cypher('test_graph', $$
CREATE (p:person {id: 1, phone: PGP_SYM_ENCRYPT('test', 'KEY')}) return p
$$) as (p agtype);
ERROR: function ag_catalog.age_pgp_sym_encrypt(agtype, agtype) does not
exist
LINE 1: ... $$CREATE (p:person {id: 1, phone: PGP_SYM_ENCRYPT('test', '...
```
Are you using an application server in front of the database?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
