The column type would have to be the type of the encrypted value. The type of the unencrypted data could not be enforced by the DB and you would have to rely on code doing the correct thing.
I am however extremely wary of doing it that way. I don't know your requirements of course.
Here is the thing - encrypted stuff is just a weird encoded string. So I can’t really use columns normally.
What I really need is just a huge table with two fields: “token”, “content”
And the token is basically the primary key but encrypted with whatever encryption.
You could even do foreign keys this way.
Hmm I suddenly have an idea. What about a layer above the database that basically enforces foreign keys and joins in this way to support end to end encryption? The content would reference ENCRYPTED foreign keys. Only clients would decrypt stuff.
>What I really need is just a huge table with two fields: “token”, “content”
Sounds more like a key value store and less like a relational database. Although you can store key value data in a relational db of course, there may be a better tool for the job.
I am however extremely wary of doing it that way. I don't know your requirements of course.