Currently, it is my understanding that the pgcrypto library requires the user to send a password or private key up to the server for decryption. Is there a notion of a client-side encrypt/decrypt plugin when doing a postgres query? For example, a user could query postgres, get back data of type "encrypted", and a "libpq" plugin could decode/decrypt those columns that are of data type "encrypted".... in a manner transparent to the user of the client.... Obviously I could write this by intercepting the relevant libpq calls using LD_PRELOAD or Microsoft's "Detours" ... but it there a better way to do that? - Erik
