letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Deprecated goodkey.BlockedKeyFile (#7749) 

This config field duplicates functionality that is better provided by
the blockedKeys database table. We should only have one mechanism for
blocking keys, so this one should be removed.

Mark it deprecated as a warning to any downstream consumers of Boulder.

Part of https://github.com/letsencrypt/boulder/issues/7748
This commit is contained in:
Aaron Gable 2024-10-07 12:00:45 -07:00 committed by GitHub
parent d656afce78
commit 08615e3898
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
goodkey/good_key.go
View File

@ -49,6 +49,9 @@ type Config struct {
// BlockedKeyFile is the path to a YAML file containing base64-encoded SHA256
// hashes of PKIX Subject Public Keys that should be blocked. If this config
// value is empty, then blocked key checking will be disabled.
//
// Deprecated: This functionality is better performed by the blockedKeys database
// table, and will be removed in a future release.
BlockedKeyFile string
// FermatRounds is an integer number of rounds of Fermat's factorization
// method that should be performed to attempt to detect keys whose modulus can