Tom Lane wrote:
> Weslee Bilodeau <[EMAIL PROTECTED]> writes:
>> I'm trying to create a few new types, and based on the type in/out
>> functions will operate a bit differently.
>> For the input function finding the type Oid is easy -
>>   Oid our_type_oid = PG_GETARG_OID(1);
>> For output though I'm having difficulty finding out the type Oid.
> You can't, and if you could, relying on it would be a security hole
> in your function (somebody could invoke the function manually and pass
> it a false OID value).  You have to put everything you need to know
> right into the Datum.

I'm not as worried about them running it manually, since I want it to
operate something like -

select output_function( 'test'::text );

It would have the type OID for text.

select output_function( 'test'::varchar );

It would have the type OID for varchar.

I don't want them to tell me the OID they want, I just want to know what
type the function was called with.

Was it called as a varchar, text, my own type, bytea, etc ?

Is this possible?

A bit of what I'm trying to do -

I'm creating an encrypted data type wrapped around pgcrypto.

create table test ( test enctype );

insert into test values ( 'encrypt_me' );

The value in input is encrypted, then stored using byteain. The key used
to encrypt it is based of the type. So I can use the same functions for
10 different CREATE TYPE statements.

The output function descrypts the value, then hands it off to byteaout.

It works perfectly so long as I used the same key for all my custom
types. When I want a different key for each type though (so for example,
encrypt credit cards with one key, addresses with another, etc) I need a
way to tell them apart.

The long way around is just create a new function for each type, but
that seems messy since at least input can tell what type the input Datum
is. Was hoping output can figure out the Datum type so I can decrypt it.

Basically -

create table test ( card enctype_card, addrress enctype_address );

Both types have different encryption keys.

I know its best to encrypt in the application, and they can log the SQL
on the server, or if your not using SSL it can be read, etc. Can't
change the application to encrypt or use pgcrypto directly.


---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?


Reply via email to