github.com/letsencrypt/boulder@v0.20251208.0/goodkey/sagoodkey/good_key.go (about)

     1  package sagoodkey
     2  
import (
	"context"
	"errors"

	"google.golang.org/grpc"

	"github.com/letsencrypt/boulder/goodkey"
	sapb "github.com/letsencrypt/boulder/sa/proto"
)
    11  
// BlockedKeyCheckFunc is used to pass in the sa.BlockedKey method to KeyPolicy,
// rather than storing a full sa.SQLStorageAuthority. This makes testing
// significantly simpler.
//
// The function receives the key hash wrapped in an sapb.SPKIHash and reports
// the lookup result in an sapb.Exists. NewPolicy treats a non-nil error as a
// failed lookup and otherwise reads the Exists field of the response, so
// implementations (including test fakes) should return a non-nil *sapb.Exists
// whenever the error is nil.
type BlockedKeyCheckFunc func(context.Context, *sapb.SPKIHash, ...grpc.CallOption) (*sapb.Exists, error)
    16  
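// NewPolicy returns a goodkey.KeyPolicy whose blocked-key lookup is backed by
// bkc, typically the sa.BlockedKey method. See goodkey.NewPolicy for more
// details about the policy itself.
//
// If bkc is nil, a nil check function is passed to goodkey.NewPolicy, so this
// wrapper wires in no SA-backed blocked-key lookup.
//
// The adapter fails closed: an error from bkc, or a nil response returned
// without an error, is surfaced as an error and is never reported as
// "not blocked".
func NewPolicy(config *goodkey.Config, bkc BlockedKeyCheckFunc) (goodkey.KeyPolicy, error) {
	// Keep the check nil when no lookup was supplied: a closure around a nil
	// bkc would itself be non-nil and would panic when called.
	var genericCheck goodkey.BlockedKeyCheckFunc
	if bkc != nil {
		genericCheck = func(ctx context.Context, keyHash []byte) (bool, error) {
			exists, err := bkc(ctx, &sapb.SPKIHash{KeyHash: keyHash})
			if err != nil {
				// The false result carries no meaning here; callers must
				// check the error before trusting the boolean.
				return false, err
			}
			if exists == nil {
				// A nil response with a nil error gives no answer about the
				// key. Return an error rather than dereferencing nil or
				// treating the key as not blocked.
				return false, errors.New("blocked key check returned no response")
			}
			return exists.Exists, nil
		}
	}

	return goodkey.NewPolicy(config, genericCheck)
}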