Storing Vec<u8> in String


#1

So I’m using the ring crate to generate salts and encode user passwords in a db. The question is that from that I get Vec<u8> or [u8; N], which however are not necessarily a valid utf8 strings, thus trying to convert them to a string to store them in that format in the db does not work.
What is the correct way to do this?


#2

There isn’t necessarily one “correct” way to do this. The solution is really dependent on what you’re trying to do and what your constraints are, so I think we’d need more details to answer your question.

Spitballing, I can think of at least two potentially acceptable solutions:

  1. Convert the Vec<u8> to a String and escape any bytes that aren’t valid UTF-8. You can see an example for how to do this here. e.g., If you had vec![102u8, 111u8, 111u8, 255u8] then you’d wind up with the string foo\xFF.
  2. Store the salt, as given, directly in your database using an appropriate type. Usually these types are called “bytes” or “binary”. In PostgreSQL for example, it’s called bytea.

I would probably lean toward (2) myself if I could get away with it.


#3

You can also hex- or Base64-encode your bytes to a valid String.


#4

Another option would be to zero-out the highest bit of every byte, making the string ASCII, which is guaranteed to be UTF-8 compatible. (you might want to generate a bit longer salt to make up for the lost bits)


#5

Another hazard might occur if the raw data has any zero bytes, if the database string type treats that as a terminator.


#6

Would encoding the Vec<u8> to base64 string work fine with with the database?


#7

Yes


#8

Thanks everyone for the suggestions.