2603aa45a8
Goodkey has two ways to detect a key as weak: it runs a variety of algorithmic checks (such as Fermat factorization and rocacheck), or the key can be listed in a "weak key file". Similarly, it has two ways to detect a key as blocked: it can call a generic function (which we use to query our database), or the key can be listed in a "blocked key file". This is two methods too many. Reliance on files of weak or blocked keys introduces unnecessary complexity to both the implementation and configuration of the goodkey package. Remove both "key file" options and delete all code which supported them. Also remove //test/block-a-key, as it was only used to generate these test files. IN-10762 tracked the removal of these files in prod. Fixes https://github.com/letsencrypt/boulder/issues/7748 |
||
|---|---|---|
| .. | ||
| cert.go | ||
| cert_test.go | ||
| crl.go | ||
| crl_test.go | ||
| issuer.go | ||
| issuer_test.go | ||