up vote 0 down vote favorite

I'm generating a salt using the openssl_random_pseudo_bytes function in php. However, I am unable to store the output into a PostgreSQL database.

I get an error:

ERROR: invalid byte sequence for encoding "UTF8"

Now I realize the encoding of the database in question is set to UTF8, and that the output of the function doesn't match, but what is the correct way of solving this?

This is a random salt, and I'm worried that converting it to UTF8 via whatever process will not make it cryptographically safe anymore?

share|improve this question
2  
It is binary data, so treat it as such. That means LOB in PDO or equivalent in the adapter of your choice. – deceze Mar 6 at 7:57
1  
Converting to UTF8 is operation on text data, it has nothing to do with binary data. You haven't shown your code but it seems you have error in that - you are trying to convert binary into string. – lechlukasz Mar 6 at 8:03
OK, yeah, I'm trying to store it in a column that is a data type of VARCHAR, so I guess I need to change the data type. What is the most appropriate? – Daniel Carvalho Mar 6 at 8:06
1  
OK cool, I was busy checking out bytea but wasn't 100% it was the correct data type. Thanks. – Daniel Carvalho Mar 6 at 8:11

1 Answer

up vote 1 down vote accepted

The openssl_random_pseudo_bytes function outputs binary data, and I was trying to store the output in a database field of data type character varying, mistakenly treating it like a string.

bytea is the correct data type for the field in the PostgreSQL database.

http://www.postgresql.org/docs/9.2/interactive/datatype-binary.html

Update: Also, it seems you need to use pg_escape_bytea on the output to be able to actually insert the binary data into the database.

Thanks to deceze, lechlukasz, and VolkerK in the comments for providing the answer.

share|improve this answer

Your Answer

 
or
required, but never shown
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.