Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oxukD-00060q-LP for pgsql-hackers@arkaria.postgresql.org; Wed, 23 Nov 2022 18:45:13 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1oxukC-0000Ue-EJ for pgsql-hackers@arkaria.postgresql.org; Wed, 23 Nov 2022 18:45:12 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oxukC-0000UQ-2H for pgsql-hackers@lists.postgresql.org; Wed, 23 Nov 2022 18:45:12 +0000 Received: from out5-smtp.messagingengine.com ([66.111.4.29]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oxuk9-0001Nc-RS for pgsql-hackers@postgresql.org; Wed, 23 Nov 2022 18:45:11 +0000 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 84FC65C00F1; Wed, 23 Nov 2022 13:45:08 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Wed, 23 Nov 2022 13:45:08 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1669229108; x= 1669315508; bh=WoIj8Ttcb1cgbWzOjmi6185BGiAP3GGSk24XIdfx+KE=; b=x UffY3P2rMkmgSRwKueXYR85zOuKOOJNuBZJlGn9lY/P8QkjeK3DSbRrZt+6zaIxQ JqnPIJ9kcqfAkF+cC68kReFMFB9mrjVN/d15M2jKVjBFC2lGyi3rrFBxPQRvNAHr L054Dp2fztUSy/lQ3kyg1tWJC10NHPkyKQ4Jg+g44cEcN/MfB5uhIsNz67rFMF+2 0oXW9jXFNVTj8nUErXRsxOONi/SKMU/FohQyG85Anh4ruLZnZjsU3dIJOScSv/PV ahjXhAPN21aO3eO/g2JJF5WtBK0qZZBgaVVBYaIRwo8iZssymOQ3zOdCytxaa/6+ 6XkrybxqJye2ubgQlDS+w== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvgedriedugdduudefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefkffggfgfuvfevfhfhjggtgfesth ekredttdefjeenucfhrhhomheprfgvthgvrhcugfhishgvnhhtrhgruhhtuceophgvthgv rhdrvghishgvnhhtrhgruhhtsegvnhhtvghrphhrihhsvggusgdrtghomheqnecuggftrf grthhtvghrnhephfejudeuleefheeutddufeetjeevgeeiieeujeeuheefkedttdeuieei ieethfevnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epphgvthgvrhdrvghishgvnhhtrhgruhhtsegvnhhtvghrphhrihhsvggusgdrtghomh X-ME-Proxy: Feedback-ID: i131946ab:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 23 Nov 2022 13:45:07 -0500 (EST) Message-ID: Date: Wed, 23 Nov 2022 19:45:06 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.4.2 Subject: Re: Transparent column encryption Content-Language: en-US To: Jehan-Guillaume de Rorthais Cc: pgsql-hackers References: <89157929-c2b6-817b-6025-8e4b2d89d88f@enterprisedb.com> <48a9f2c2-4a57-27d8-7c53-16a23a01014e@enterprisedb.com> <79f08a39-a7da-5157-cef4-378fb60c18f8@enterprisedb.com> <258c5064-437e-f41e-7537-5e8c343c33cc@enterprisedb.com> <6bd99fea-3298-854d-d37f-554151342f36@enterprisedb.com> <963aa100-7e78-3463-0645-700eaaa325f2@enterprisedb.com> <06830254-6d87-86b2-0280-bf2eee7736a5@enterprisedb.com> <20221028121629.6467d8f9@karst> From: Peter Eisentraut In-Reply-To: <20221028121629.6467d8f9@karst> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 28.10.22 12:16, Jehan-Guillaume de Rorthais wrote: > I did a review of the documentation and usability. I have incorporated some of your feedback into the v11 patch I just posted. > # Applying patch > > The patch applied on top of f13b2088fa2 without trouble. Notice a small > warning during compilation: > > colenccmds.c:134:27: warning: ‘encval’ may be used uninitialized > > A simple fix could be: > > +++ b/src/backend/commands/colenccmds.c > @@ -119,2 +119,3 > encval = defGetString(encvalEl); > + *encval_p = encval; > } > @@ -132,4 +133,2 > *alg_p = alg; > - if (encval_p) > - *encval_p = encval; > } fixed > # Documentation > > * In page "create_column_encryption_key.sgml", both encryption algorithms for > a CMK are declared as the default one: > > + > + The encryption algorithm that was used to encrypt the key material of > + this column encryption key. Supported algorithms are: > + > + > + RSAES_OAEP_SHA_1 (default) > + > + > + RSAES_OAEP_SHA_256 (default) > + > + > + > > As far as I understand the code, I suppose RSAES_OAEP_SHA_1 should be the > default. fixed > I believe two information should be clearly shown to user somewhere in > chapter 5.5 instead of being buried deep in documentation: > > * «COPY does not support column decryption», currently buried in pg_dump page > * «When transparent column encryption is enabled, the client encoding must > match the server encoding», currently buried in the protocol description > page. > > * In the libpq doc of PQexecPrepared2, "paramForceColumnEncryptions" might > deserve a little more detail about the array format, like «0 means "don't > enforce" and anything else enforce the encryption is enabled on this > column». By the way, maybe this array could be an array of boolean? > > * In chapter 55.2.5 (protocol-flow) is stated: «when column encryption is > used, the plaintext is always in text format (not binary format).». Does it > means parameter "resultFormat" in "PQexecPrepared2" should always be 0? If > yes, is it worth keeping this argument? Moreover, this format constraint > should probably be explained in the libpq page as well. I will keep these suggestions around. Some of these things will probably change again, so I'll make sure to update the documentation when I touch it again. > # Protocol > > * In the ColumnEncryptionKey message, it seems the field holding the length > key material is redundant with the message length itself, as all other > fields have a known size. The key material length is the message length - > (4+4+4+2). For comparison, the AuthenticationSASLContinue message has a > variable data size but rely only on the message length without additional > field. I find that weird, though. An explicit length seems better. Things like AuthenticationSASLContinue only work if they have exactly one variable-length data item. > * I wonder if encryption related fields in ParameterDescription and > RowDescription could be optional somehow? The former might be quite large > when using a lot of parameters (like, imagine a large and ugly > "IN($1...$N)"). On the other hand, these messages are not sent in high > frequency anyway... They are only used if you turn on the column_encryption protocol option. Or did you mean make them optional even then? > # libpq > > Would it be possible to have an encryption-ready PQexecParams() equivalent > of what PQprepare/describe/exec do? I plan to do that. > # psql > > * You already mark \d in the TODO. But having some psql command to list the > known CEK/CMK might be useful as well. right > * about write queries using psql, would it be possible to use psql > parameters? Eg.: > > => \set c1 myval > => INSERT INTO mytable VALUES (:'c1') \gencr No, because those are resolved by psql before libpq sees them. > # Manual tests > > * The lookup error message is shown twice for some reason: > > => select * from test_tce; > no CMK lookup found for realm "" > > no CMK lookup found for realm "" > > It might worth adding the column name and the CMK/CEK names related to each > error message? Last, notice the useless empty line between messages. I'll look into that. > * When "DROP IF EXISTS" a missing CEK or CMK, the command raise an > "unrecognized object type": > > => DROP COLUMN MASTER KEY IF EXISTS noexists; > ERROR: unrecognized object type: 10 > => DROP COLUMN ENCRYPTION KEY IF EXISTS noexists; > ERROR: unrecognized object type: 8 fixed > * I was wondering what "pg_typeof" should return. It currently returns > "pg_encrypted_*". If this is supposed to be transparent from the client > perspective, shouldn't it return "attrealtypid" when the field is encrypted? Interesting question. Need to think about it. I'm not sure what the purpose of pg_typeof really is. The only use I can recall is for pgTAP. > * any reason to not support altering the CMK realm? This could be added. I have that in my notes.