Re: BUG #16677: pgcrypto.pgp_key_id() thinks that a PGP message containing multiple packets is a full keyring. - Mailing list pgsql-bugs

From Charles Heywood
Subject Re: BUG #16677: pgcrypto.pgp_key_id() thinks that a PGP message containing multiple packets is a full keyring.
Date
Msg-id CAF5q=DH0Mptfw6X3ua3HKuo7JamNV4zc4TscfPHBHscCxGcKZw@mail.gmail.com
Whole thread Raw
In response to BUG #16677: pgcrypto.pgp_key_id() thinks that a PGP message containing multiple packets is a full keyring.  (PG Bug reporting form <noreply@postgresql.org>)
List pgsql-bugs
I have set up a Gist with a full example. I forgot the `CREATE SCHEMA`
line, and the mailing list automatically broke up one of my lines.

https://gist.github.com/RyanSquared/1b14850611e46059432378d8e892669d

On Fri, Oct 16, 2020 at 6:53 PM PG Bug reporting form
<noreply@postgresql.org> wrote:
>
> The following bug has been logged on the website:
>
> Bug reference:      16677
> Logged by:          Ryan
> Email address:      vandor2012@gmail.com
> PostgreSQL version: 12.4
> Operating system:   Pop!_OS (Ubuntu derivative) 20.04
> Description:
>
> When using the `pgcrypto.pgp_key_id()` function with a dearmored output from
> `gpg --export --armor --export-options export-minimal,no-export-attributes
> 8333F292B1BBD334A61E6F566785F7AF28DE7081`, I am given the following error:
>
> ERROR:  Several keys given - pgcrypto does not handle keyring
>
> I believe that pgcrypto thinks that each packet in the PGP message is a key.
> When using the `gpgsplit` command with the output from the above GPG
> command, I can see 5 packets:
>
> 1. The PGP public key. This is the packet that should be used for the
> `pgp_key_id()` function.
> 2. The first UID attached to that key.
> 3. A signature verifying the aforementioned UID.
> 4. The second UID attached to that key.
> 5. A signature verifying the second aforementioned UID.
>
> Below, I have included a full set of code that should reproduce this:
>
> ```
> CREATE EXTENSION pgcrypto SCHEMA pgcrypto;
> SELECT pgcrypto.pgp_key_id(pgcrypto.dearmor($$-----BEGIN PGP PUBLIC KEY
> BLOCK-----
> mQENBF1lrTcBCACwH7BO2EJGgIHDwo3jUyHnqKg6r5qE6SSFlCLkCeVsekTQcAfw
> IaCt/MBDNiPrEnKfTT0j+jEiEvoZMEpL8XCpGxSj3LWj4uJY+/P+7K73gUDguPWF
> ERJlsxqecjxqZpr7buQI9FN3sYIWxjK4b12OI6TzjSf9LUwl5lSvBCx0jVLeSV+N
> V0jZQJ+iNC4SPB5qSdlvykl5n9+1t/B3anMZdXFJpnuqTYLNTGCr82MkMR5iredh
> IDnBatpRlMO47lWlVOXi0s5MOdErUUQKX64lyQG0j/fsyo+5BBROLf2fczrIVRRl
> IaQ8XkyTCdOSZnFyX3/ngelcIPrSgMpYqljdABEBAAG0P1J5YW4gSGV5d29vZCAo
> UnlhblNxdWFyZWQgLSBZdWJpa2V5IDVDIE5hbm8pIDxyeWFuQGhhc2hiYW5nLnNo
> PokBVAQTAQoAPhYhBIMz8pKxu9M0ph5vVmeF968o3nCBBQJdZa03AhsDBQkDwmcA
> BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGeF968o3nCB38wIAIwfteKojzfh
> zPNaUHQ4Czh5BYtnHMQh4W30x3wBu1FHZubl5PlkSj1rnMxMzu75Y4pjKAJdFRr5
> q6I6TUcZUOLPjQqzKBYYzaE5F2qUnPaAqTqw1bXaoX0s3af3zNY7B7VNBphMPIt5
> 7H9RugqhY7xc0QBGY9JdBSpW0h+1ggtie76nRrZA4zK1sltHLQZMJFh5K/BgXn1k
> 2iwiRC9Jt7p01AYvipB03Lh1lUxAP/alsiXCFHfJ3PL1exXEwukH0ROAVpRKD1so
> +lN8BpApLEpCF7sdOruMDfzGMSVdwsPuawQHWxGgZAOeQttUm/LjEiZd6czRZmi5
> pcnM9eAaXf20I1J5YW4gSGV5d29vZCA8dmFuZG9yMjAxMkBnbWFpbC5jb20+iQFU
> BBMBCgA+FiEEgzPykrG70zSmHm9WZ4X3ryjecIEFAl3x3FkCGwMFCQPCZwAFCwkI
> BwIGFQoJCAsCBBYCAwECHgECF4AACgkQZ4X3ryjecIFNeQf/YIeML5ptYdZE+tC1
> zbkX30elzYL4fYLzIhGv4IFB9KgxaDQUPWmxY3833D8BkBXF/w9RkS+kzgrSvY2j
> v7DA5uhq3TnioVarXCy5Dpnih9KsmamovQln/ZC97vAnzjw1m9R+z8kBnyDRuggp
> TwO7WgKhWWtrFRWbNaf3NHvG8JOQlGBX3eNqmFX7LVjMSh0xubVMM2laSzIhYYR9
> n+URpt39QTkYkfeGAgkYAOCnbzIvg6wFwFHhA7GHTuS+qW3DKkqhYHVt/u8ZSUWX
> JtBBGo+cTEHafafBsWkYvzpet+h4EeuFCu1YtU49NUGggUTj+3PukZCnNWcjrAh2
> trZBzrkBDQRdZa03AQgAxHn96AR42unTdV7VJrfnXG+wJQ3XZGmb6DnU5NqVrdt0
> Dv0/QrN1HjmYw4K4IzrAC7ebNXHzUNml1tr77mjlHmEekbdkvZngiP+8ncfcxwo8
> xQi3ircZVKsnek+lDx65sg6+nFgfwtftANQri+4wi+a6y4ocxFSFd2O2jPkrdjAE
> QBjFlgzBcJGi96bJcYi95XY3vWHS1sonCYjSXw7CSqqCpD6TbnjqNSvH3yCfsj1c
> kcDkk6TAui5H80eI7CEFd4VDGPiLqed/K65NGaViAv87m9cOja8o7eSrAM99+FG6
> SbMjChmGcpFIYE2gCyFpVESU851gJI63ZTTfosirDwARAQABiQE8BBgBCgAmFiEE
> gzPykrG70zSmHm9WZ4X3ryjecIEFAl1lrTcCGyAFCQPCZwAACgkQZ4X3ryjecIFR
> HAf+K7TvFZM+Ny+sA0bgI/LmRoIrn3r6t49tNARIDEN4eBAZLR6dhE1RzQAagIrA
> rTsmybBQODmXVj5RKgkOTglRjVy8EEO6eqKZ5sfxBSzw3NHOHn+thI+7yqaXf34b
> 74249zoNI4/ezB20UaJOtnjSHo6IJ20gkltB0BR0tyelfcEgxlO1jYUUNJcLFzfz
> /FvGbx3TC18bddmLykuD6kIOK2nG0IGoi11LMMr3K4JLP5U+DxnAShGY2KNRF+Gx
> RAIhKZ/VqwLAd90Nv15uPgtu7wcsEluM6Uq/foxOLMNnt5MYWI36YA/OpHhsXovx
> hYyQTkJTayYjY5/cQDDliSH2iLkBDQRdZa03AQgAqNLJN4ARHT37/9B3iEsuasbu
> jRtLVGboNAMMtw4lYjinKuFBlcvbKI4DZyqkA3oRm1jxEkGC3sBD4a15x7OktN9x
> K1b43B9GXQ/ZIgXd4fWAafrY7oJcWTYfaXOfTj4aOZJfICVAV4x+UvCYyf4uXmrE
> IRcIfmhsAgoJbNyt5q67sHdJe0gqwgqSq7cmKZqdBDQzK7lTf6hY6ygTEy6sr2Dr
> S+QGG9uFWsD3Y9NHDLfptYyU5uPA5BOhREVIaVrrYmBphqiszvuxrMxMcAj/X2vB
> RPN1yDYp6Pvn7rYC5Xi+9h0VAGKYjmJ/9JzZBwaCqX4KMr269WMZ+QV4w2sHuQAR
> AQABiQE8BBgBCgAmFiEEgzPykrG70zSmHm9WZ4X3ryjecIEFAl1lrTcCGwwFCQPC
> ZwAACgkQZ4X3ryjecIE+twf9EMrYtF1wk7Wx2vUVtXJRYHRE9/R3Qvr00FnOhg5N
> v2OWFBOwD5O7xJ0YSPD7W7+pdEUzYIsCEFL4HO645Z1PXQ1Iu1R4Xjhh5ZQTHy0w
> N389dXw21Er7WC6tvDf3/+sFni5LkkzeTK45X+VExvRfMSVgboHEtysju+6GhnC5
> bT4volWULkxGuoKGM9qWIkgMzOh5PSdvdfgvvCWUzDpatjIj13caEDOKHtc2AurQ
> QoyE6kCd1WqbmuJau1tmp4INWm0MZWrtF84A4I/AM4POMMErqV7N8aQYyezV2udO
> BLNCVZqTB1eoWIx+kgvigetwlhHmIEpM9V0tLSPcfKtT+w==
> =8MvD
> -----END PGP PUBLIC KEY BLOCK-----
> $$));
> ```
>


-- 
Ryan Heywood | vandor2012@gmail.com | ryan@hashbang.sh
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`



pgsql-bugs by date:

Previous
From: PG Bug reporting form
Date:
Subject: BUG #16677: pgcrypto.pgp_key_id() thinks that a PGP message containing multiple packets is a full keyring.
Next
From: "Thangavel, Parameswaran"
Date:
Subject: PostgresSQL 10 | Driver 42.2.5 | Float Conversion Issue