Description
You can change the encryption from 128 to 256 with pg_tde.cipher, by adding
pg_tde.cipher = 'aes_256'
And I can check whether a table is encrypted in several ways:
But as far as I understand, these options only tell you if the table is encrypted or not, but not if it's 128 or 256 bit encrypted.
For example, one could accidentally write
pg_tde.cipher = 'aes_2256' # invalid value.
And assume tables are 256 encrypted, which they will not be.
I think the need to verify if it's 128 or 256 is just as important as the option to verify if it's encrypted or not.
One of the point of the project to to comply with security requirements.
So the need to verify is important.
I don't want to write `pg_tde.cipher = 'aes_256' and hope/assume it works. I need to make sure. I need to verify.
Suggested solution
I don't really have a preferred solution,
- Maybe having the
\d+ table1 also show if it's 128 or 256
- Maybe like
pg_tde_is_encrypted, also have pg_tde_is_256_encrypted
As long as there is some option to verify it's 256.
Additional context
No response
Description
You can change the encryption from 128 to 256 with pg_tde.cipher, by adding
pg_tde.cipher = 'aes_256'And I can check whether a table is encrypted in several ways:
But as far as I understand, these options only tell you if the table is encrypted or not, but not if it's 128 or 256 bit encrypted.
For example, one could accidentally write
And assume tables are 256 encrypted, which they will not be.
I think the need to verify if it's 128 or 256 is just as important as the option to verify if it's encrypted or not.
One of the point of the project to to comply with security requirements.
So the need to verify is important.
I don't want to write `pg_tde.cipher = 'aes_256' and hope/assume it works. I need to make sure. I need to verify.
Suggested solution
I don't really have a preferred solution,
\d+ table1also show if it's 128 or 256pg_tde_is_encrypted, also havepg_tde_is_256_encryptedAs long as there is some option to verify it's 256.
Additional context
No response