x/crypto/openpgp: only the first packet is considered for openpgp signatures with multiple signature packets #12242

@SeanBurford

Description

OpenPGP signatures can consist of multiple signature packets. It should be sufficient to trust any of those signatures provided you trust the signing key for that purpose.

go_crypto currently assumes an OpenPGP signature is a single packet.

For example, Debian Release signatures contain multiple signature packets signed with Debian's legacy and current keys:

$ gpg --list-packets /tmp/Release.gpg
:signature packet: algo 1, keyid 8B48AD6246925553
    version 4, created 1429960298, md5len 0, sigclass 0x00
    digest algo 8, begin of digest e7 9f
    hashed subpkt 2 len 4 (sig created 2015-04-25)
    subpkt 16 len 8 (issuer key ID 8B48AD6246925553)
    data: [4096 bits]
:signature packet: algo 1, keyid 7638D0442B90D010
    version 4, created 1429960298, md5len 0, sigclass 0x00
    digest algo 8, begin of digest e7 9f
    hashed subpkt 2 len 4 (sig created 2015-04-25)
    subpkt 16 len 8 (issuer key ID 7638D0442B90D010)
    data: [4095 bits]
:signature packet: algo 1, keyid CBF8D6FD518E17E1
    version 4, created 1429960324, md5len 0, sigclass 0x00
    digest algo 8, begin of digest 90 19
    hashed subpkt 2 len 4 (sig created 2015-04-25)
    subpkt 16 len 8 (issuer key ID CBF8D6FD518E17E1)
    data: [4094 bits]
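As an added example (not the reporter's code and not part of x/crypto), the Go snippet below splits a binary signature file into its RFC 4880 packets and accepts the signature if any signature packet passes a caller-supplied check, which is the behaviour the issue asks for. The `verify` callback stands in for the real key lookup and signature verification, and the packet framing logic is written here from the RFC rather than taken from the library.

```go
package main

import "errors"

// Packet is one RFC 4880 packet; tag 2 is a signature packet.
type Packet struct{ Tag byte; Body []byte }

// splitPackets walks the RFC 4880 packet framing of a binary signature file and
// returns every packet it holds (partial and indeterminate lengths are rejected).
func splitPackets(data []byte) ([]Packet, error) {
	var pkts []Packet
	for len(data) > 0 {
		hdr := data[0]
		// Bit 7 must be set; an old-format header with length type 3 is indeterminate.
		if hdr&0x80 == 0 || hdr&0x43 == 0x03 || len(data) < 2 {
			return nil, errors.New("openpgp: invalid, indeterminate or truncated header")
		}
		tag, hlen, n := hdr&0x3f, 2, int(data[1]) // new format, 1-octet length
		switch {
		case hdr&0x40 == 0: // old format: tag in bits 2-5, then 1, 2 or 4 length octets
			tag, hlen, n = (hdr>>2)&0x0f, 1+1<<(hdr&0x03), 0
			for i := 1; i < hlen && i < len(data); i++ {
				n = n<<8 | int(data[i])
			}
		case n == 255 && len(data) >= 6: // new format, 5-octet length
			hlen, n = 6, int(data[2])<<24|int(data[3])<<16|int(data[4])<<8|int(data[5])
		case n >= 192 && n < 224 && len(data) >= 3: // new format, 2-octet length
			hlen, n = 3, (n-192)<<8+int(data[2])+192
		case n >= 192:
			return nil, errors.New("openpgp: partial or truncated length")
		}
		if len(data) < hlen+n {
			return nil, errors.New("openpgp: truncated packet body")
		}
		pkts = append(pkts, Packet{tag, data[hlen : hlen+n]})
		data = data[hlen+n:]
	}
	return pkts, nil
}

// verifyAny accepts the signature as soon as any signature packet verifies
// with a trusted key, rather than checking only the first packet.
func verifyAny(pkts []Packet, verify func(sig []byte) error) error {
	for _, p := range pkts {
		if p.Tag == 2 && verify(p.Body) == nil {
			return nil
		}
	}
	return errors.New("openpgp: no signature packet verified")
}
```

A `verify` that only trusts the key behind the second packet of a three-signature file still succeeds through `verifyAny`, whereas checking the first packet alone fails.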
