pg_enigma

Encrypted postgres data type

Overview

Package	Version	Category	License	Language
`pg_enigma`	`0.5.0`	SEC	MIT	Rust

ID	Extension	Bin	Lib	Load	Create	Trust	Reloc	Schema
7070	`pg_enigma`	No	Yes	No	Yes	No	No	-

Related	`pgsodium` `pgcryptokey` `pgcrypto` `pg_tde`

Version

Type	Repo	Version	PG Ver	Package	Deps
EXT	PIGSTY	`0.5.0`	1817161514	`pg_enigma`	-
RPM	PIGSTY	`0.5.0`	1817161514	`pg_enigma_$v`	-
DEB	PIGSTY	`0.5.0`	1817161514	`postgresql-$v-enigma`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 0.5.0 el8.x86_64.pg18 : pg_enigma_18 pg_enigma_18-0.5.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el8.x86_64.pg17 : pg_enigma_17 pg_enigma_17-0.5.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el8.x86_64.pg16 : pg_enigma_16 pg_enigma_16-0.5.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el8.x86_64.pg15 : pg_enigma_15 pg_enigma_15-0.5.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el8.x86_64.pg14 : pg_enigma_14 pg_enigma_14-0.5.0-1PIGSTY.el8.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB
el8.aarch64	PIGSTY 0.5.0 el8.aarch64.pg18 : pg_enigma_18 pg_enigma_18-0.5.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.5.0 · 1.3MiB	PIGSTY 0.5.0 el8.aarch64.pg17 : pg_enigma_17 pg_enigma_17-0.5.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.5.0 · 1.3MiB	PIGSTY 0.5.0 el8.aarch64.pg16 : pg_enigma_16 pg_enigma_16-0.5.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.5.0 · 1.3MiB	PIGSTY 0.5.0 el8.aarch64.pg15 : pg_enigma_15 pg_enigma_15-0.5.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.5.0 · 1.3MiB	PIGSTY 0.5.0 el8.aarch64.pg14 : pg_enigma_14 pg_enigma_14-0.5.0-1PIGSTY.el8.aarch64.rpm PIGSTY · 0.5.0 · 1.3MiB
el9.x86_64	PIGSTY 0.5.0 el9.x86_64.pg18 : pg_enigma_18 pg_enigma_18-0.5.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el9.x86_64.pg17 : pg_enigma_17 pg_enigma_17-0.5.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el9.x86_64.pg16 : pg_enigma_16 pg_enigma_16-0.5.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el9.x86_64.pg15 : pg_enigma_15 pg_enigma_15-0.5.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el9.x86_64.pg14 : pg_enigma_14 pg_enigma_14-0.5.0-1PIGSTY.el9.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB
el9.aarch64	PIGSTY 0.5.0 el9.aarch64.pg18 : pg_enigma_18 pg_enigma_18-0.5.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el9.aarch64.pg17 : pg_enigma_17 pg_enigma_17-0.5.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el9.aarch64.pg16 : pg_enigma_16 pg_enigma_16-0.5.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el9.aarch64.pg15 : pg_enigma_15 pg_enigma_15-0.5.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el9.aarch64.pg14 : pg_enigma_14 pg_enigma_14-0.5.0-1PIGSTY.el9.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB
el10.x86_64	PIGSTY 0.5.0 el10.x86_64.pg18 : pg_enigma_18 pg_enigma_18-0.5.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el10.x86_64.pg17 : pg_enigma_17 pg_enigma_17-0.5.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el10.x86_64.pg16 : pg_enigma_16 pg_enigma_16-0.5.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el10.x86_64.pg15 : pg_enigma_15 pg_enigma_15-0.5.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB	PIGSTY 0.5.0 el10.x86_64.pg14 : pg_enigma_14 pg_enigma_14-0.5.0-1PIGSTY.el10.x86_64.rpm PIGSTY · 0.5.0 · 1.6MiB
el10.aarch64	PIGSTY 0.5.0 el10.aarch64.pg18 : pg_enigma_18 pg_enigma_18-0.5.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el10.aarch64.pg17 : pg_enigma_17 pg_enigma_17-0.5.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el10.aarch64.pg16 : pg_enigma_16 pg_enigma_16-0.5.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el10.aarch64.pg15 : pg_enigma_15 pg_enigma_15-0.5.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB	PIGSTY 0.5.0 el10.aarch64.pg14 : pg_enigma_14 pg_enigma_14-0.5.0-1PIGSTY.el10.aarch64.rpm PIGSTY · 0.5.0 · 1.4MiB
d12.x86_64	PIGSTY 0.5.0 d12.x86_64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.x86_64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.x86_64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.x86_64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.x86_64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~bookworm_amd64.deb PIGSTY · 0.5.0 · 3.1KiB
d12.aarch64	PIGSTY 0.5.0 d12.aarch64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.aarch64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.aarch64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.aarch64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d12.aarch64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~bookworm_arm64.deb PIGSTY · 0.5.0 · 3.1KiB
d13.x86_64	PIGSTY 0.5.0 d13.x86_64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.x86_64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.x86_64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.x86_64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.x86_64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~trixie_amd64.deb PIGSTY · 0.5.0 · 3.1KiB
d13.aarch64	PIGSTY 0.5.0 d13.aarch64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.aarch64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.aarch64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.aarch64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.5.0 · 3.1KiB	PIGSTY 0.5.0 d13.aarch64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~trixie_arm64.deb PIGSTY · 0.5.0 · 3.1KiB
u22.x86_64	PIGSTY 0.5.0 u22.x86_64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.x86_64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.x86_64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.x86_64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.x86_64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~jammy_amd64.deb PIGSTY · 0.5.0 · 1.9KiB
u22.aarch64	PIGSTY 0.5.0 u22.aarch64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.aarch64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.aarch64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.aarch64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u22.aarch64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~jammy_arm64.deb PIGSTY · 0.5.0 · 1.9KiB
u24.x86_64	PIGSTY 0.5.0 u24.x86_64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.x86_64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.x86_64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.x86_64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.x86_64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~noble_amd64.deb PIGSTY · 0.5.0 · 1.9KiB
u24.aarch64	PIGSTY 0.5.0 u24.aarch64.pg18 : postgresql-18-enigma postgresql-18-enigma_0.5.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.aarch64.pg17 : postgresql-17-enigma postgresql-17-enigma_0.5.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.aarch64.pg16 : postgresql-16-enigma postgresql-16-enigma_0.5.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.aarch64.pg15 : postgresql-15-enigma postgresql-15-enigma_0.5.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.5.0 · 1.9KiB	PIGSTY 0.5.0 u24.aarch64.pg14 : postgresql-14-enigma postgresql-14-enigma_0.5.0-1PIGSTY~noble_arm64.deb PIGSTY · 0.5.0 · 1.9KiB

Build

You can build the RPM / DEB packages for pg_enigma using pig build:

pig build pkg pg_enigma         # build RPM / DEB packages

Install

You can install pg_enigma directly. First, make sure the PGDG and PIGSTY repositories are added and enabled:

pig repo add pgsql -u          # Add repo and update cache

Install the extension using pig or apt/yum/dnf:

pig install pg_enigma;          # Install for current active PG version

pig ext install -y pg_enigma -v 18  # PG 18
pig ext install -y pg_enigma -v 17  # PG 17
pig ext install -y pg_enigma -v 16  # PG 16
pig ext install -y pg_enigma -v 15  # PG 15
pig ext install -y pg_enigma -v 14  # PG 14

dnf install -y pg_enigma_18       # PG 18
dnf install -y pg_enigma_17       # PG 17
dnf install -y pg_enigma_16       # PG 16
dnf install -y pg_enigma_15       # PG 15
dnf install -y pg_enigma_14       # PG 14

apt install -y postgresql-18-enigma   # PG 18
apt install -y postgresql-17-enigma   # PG 17
apt install -y postgresql-16-enigma   # PG 16
apt install -y postgresql-15-enigma   # PG 15
apt install -y postgresql-14-enigma   # PG 14

Create Extension:

CREATE EXTENSION pg_enigma;

Usage

pg_enigma: Encrypted data type for PostgreSQL using PGP and RSA keys

pg_enigma provides an Enigma encrypted data type for PostgreSQL that encrypts data at rest using PGP or OpenSSL RSA keys. Data is stored encrypted and only decrypted when the private key is loaded into memory.

CREATE EXTENSION IF NOT EXISTS pg_enigma;

PGP Key Encryption

-- Create a table with an encrypted column (key slot 2)
CREATE TABLE test_pgp (
    id SERIAL,
    val Enigma(2)
);

-- Load the public key for encryption
SELECT set_public_key_from_file(2, '/path/to/public-key.asc');

-- Insert data (automatically encrypted with the public key)
INSERT INTO test_pgp (val) VALUES ('A secret value'::Text);

-- Without private key, SELECT returns encrypted PGP message
SELECT * FROM test_pgp;

-- Load private key to enable decryption
SELECT set_private_key_from_file(2, '/path/to/private-key.asc', 'passphrase');

-- Now SELECT returns decrypted plaintext
SELECT * FROM test_pgp;
-- id |      val
-- ----+----------------
--   1 | A secret value

-- Remove private key from memory
SELECT forget_private_key(2);
-- Subsequent SELECTs return encrypted data again

RSA Key Encryption

CREATE TABLE test_rsa (
    id SERIAL,
    val Enigma(3)
);

SELECT set_public_key_from_file(3, '/path/to/alice_public.pem');
INSERT INTO test_rsa (val) VALUES ('Another secret value'::Text);

SELECT set_private_key_from_file(3, '/path/to/alice_private.pem', 'passphrase');
SELECT * FROM test_rsa;

SELECT forget_private_key(3);

Functions

Function	Description
`set_public_key_from_file(slot, path)`	Load a public key for encryption
`set_private_key_from_file(slot, path, passphrase)`	Load a private key for decryption
`forget_private_key(slot)`	Remove private key from memory

Feedback

Was this page helpful?

Thanks for the feedback! Please let us know how we can improve.

Sorry to hear that. Please let us know how we can improve.

Last Modified 2026-03-12: add pg extension catalog (95749bf)