michelp / pgsodium

Modern cryptography for PostgreSQL using libsodium.

Incoherency between fields `pgsodium.key.status` and `pgsodium.key.expires` #74

Open ioguix opened 1 year ago

ioguix commented 1 year ago

Hi,

It seems the pgsodium.key.status field can be incoherent with the real status of the key when it expires:

```
=# select * from pgsodium.create_key(expires => 'yesterday');
 id | name | status | key_type | key_id | key_context | created | expires | associated_data 
----+------+--------+----------+--------+-------------+---------+---------+-----------------
    |      |        |          |        |             |         |         | 
(1 row)

=# select * from pgsodium.key \gx
-[ RECORD 1 ]---+-------------------------------------
id              | 77421bb0-2489-4b5e-8a05-9a7e49bcb778
status          | valid                          -- <=== created as valid
created         | 2023-02-08 20:56:00.987969+01
expires         | 2023-02-07 00:00:00+01         -- <=== is expired !
key_type        | aead-det
key_id          | 1
[...]
```

Moreover, the actual result of pgsodium.create_key() might seem confusing, as it returns an empty line from the view pgsodium.valid_key whereas the key is actually created.
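
The following audit queries are an added example, not part of the original issue and not pgsodium's own code. They list keys whose stored `status` disagrees with `expires`, and keys marked valid in `pgsodium.key` that `pgsodium.valid_key` does not return. Only the column names shown in the psql output above are used; `effective_status` and `incoherent` are labels computed here, and the role running the queries is assumed to have read access to both relations.

```sql
-- Added example: audit for the status/expires mismatch reported above.

-- 1. Stored status next to a status derived from the expiry timestamp.
--    Rows flagged incoherent are marked 'valid' although expires is in the past.
SELECT id,
       name,
       key_type,
       status::text AS stored_status,
       expires,
       CASE
           WHEN expires IS NOT NULL AND expires <= now() THEN 'expired'
           ELSE status::text
       END AS effective_status,   -- computed label, not a pgsodium column
       (status::text = 'valid'
        AND expires IS NOT NULL
        AND expires <= now()) AS incoherent
FROM pgsodium.key
ORDER BY incoherent DESC, expires;

-- 2. Cross-check against the view: keys the table calls 'valid'
--    that pgsodium.valid_key does not expose.
SELECT k.id,
       k.status::text AS stored_status,
       k.created,
       k.expires
FROM pgsodium.key AS k
LEFT JOIN pgsodium.valid_key AS v ON v.id = k.id
WHERE k.status::text = 'valid'
  AND v.id IS NULL
ORDER BY k.expires;
```

Run against the database from the report, both queries would return the key `77421bb0-2489-4b5e-8a05-9a7e49bcb778` shown above.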