Hi Zahir, pgsodium is a new-ish encyption extension built around the libsodium encryption API.
https://github.com/michelp/pgsodium It supports calling a script to load a hidden key in memory and use that key to derive other keys. There's an example shown in the documentation. I'm working on support for the Zymkey hardware security module, as well as support for the AWS key management API. -Michel On Sat, Jul 4, 2020 at 11:22 PM Zahir Lalani <ZahirLalani@oliver.agency> wrote: > Hello > > > > Does anyone have any serious experience of implementing app level > encryption with strong key management? > > > > If so would like to arrange an offline chat please > > > > Z >
