Hi,
Using Percona server 18 with TDE
Reading the source code 256bit option the default is aes_128
I added the 256 option to postgresql.conf
pg_tde.cipher = ‘aes_256’
I would like to know how to verify the encryption is now 256 and not 128.
I know I can use \d+ table1 to see if it is encrypted or not:
But how to tell if it’s 256 bit encrypted or 128 bit encrypted?
Hi @roko,
I did not find any function to check the cipher used for a table. But in the test file t/tde_heap_aes_256.pl, the team did test what happens if you switch from pg_tde.cipher='aes_128' to pg_tde.cipher='aes_256':
-- server restart
###########################
SELECT * FROM test_enc0 ORDER BY id;
id | k
----+-------------------
1 | multitude
2 | multitudinous
3 | multitudinously
4 | multitudinousness
(4 rows)
psql:<stdin>:1: WARNING: length "16" of key "test-db-key" does not match the length "32" of the current cipher setting
HINT: Create a new principal key and set it instead of the current one.
Unanswered | Unsolved | Solved
MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright © 2006 - 2024 Percona LLC. All rights reserved.