Re: pgcrypto: PGP armor headers - Mailing list pgsql-hackers
| From | Heikki Linnakangas |
|---|---|
| Subject | Re: pgcrypto: PGP armor headers |
| Date | |
| Msg-id | 542AC977.4080804@vmware.com Whole thread Raw |
| In response to | Re: pgcrypto: PGP armor headers (Marko Tiikkaja <marko@joh.to>) |
| Responses |
Re: pgcrypto: PGP armor headers
|
| List | pgsql-hackers |
On 09/30/2014 05:45 PM, Marko Tiikkaja wrote:
> On 9/30/14 4:37 PM, Heikki Linnakangas wrote:
>> On 09/29/2014 05:38 PM, Marko Tiikkaja wrote:
>>> Maybe I just suck at $SEARCH_ENGINE, but extracting armor headers
>>> programmatically doesn't seem to be very popular. I could only find one
>>> example, which returned the last instance of the key. But that seemed
>>> to be more an accident than anything else; it wasn't documented and the
>>> source code didn't say anything about it. I also think that's the worst
>>> behaviour. If we can't agree on concatenation, I'd rather see an error.
>>
>> May I ask you why you wrote this patch? What are you doing with the headers?
>
> We're sending arbitrary messages between systems over HTTP(S), and a
> special header is used to tell the recipient system what type of message
> it is. The message types are specific to the domain, but you can think
> of them to be roughly equivalent to MIME types.
Ok. How quaint. :-)
> If what you're trying to get a sense of is why I'd prefer to see
> concatenation, I can't really help you. For our use case (and perhaps
> for everyone else as well) it would actually make more sense to throw an
> error if pgp_armor_header() is used on a key which appears more than
> once. The concatenation behaviour was an attempt at a "one size fits
> all" interface, but now that we're going to also have a
> pgp_armor_headers() function for users to implement the behaviour they
> want themselves, there's no real reason to try and guess what everyone
> wants. I think I'd prefer to see an ERROR in this case now.
I'm actually now leaning towards providing just a single function,
pgp_armor_headers(text, key OUT text, value OUT text), which returns all
the keys and values. That gives maximum flexibility, and leaves it up to
the user to decide what to do with duplicate keys. It's pretty easy to
use that to extract just a single header, too:
postgres=# select * FROM pgp_armor_headers('
-----BEGIN PGP MESSAGE-----
foo: baar
foo: more foo
singlekey: fsdfsd
em9va2E=
=ZZZZ
-----END PGP MESSAGE-----
') where key = 'singlekey'; key | value
-----------+-------- singlekey | fsdfsd
(1 row)
And if you want to concatenate possible duplicates:
postgres=# select string_agg(value, ' ') FROM pgp_armor_headers('
-----BEGIN PGP MESSAGE-----
foo: baar
foo: more foo
singlekey: fsdfsd
em9va2E=
=ZZZZ
-----END PGP MESSAGE-----
') where key = 'foo'; string_agg
--------------- baar more foo
(1 row)
What do you think? Attached patch implements that, but the docs and
regression tests now need adjustment.
- Heikki
pgsql-hackers by date: