Don't store the given public keys in the seal config

2025-11-01 19:17:58 +00:00 · 2015-08-25 09:46:33 -07:00
parent ee10f1a565
commit efccbcd23e
2 changed files with 1 additions and 6 deletions
--- a/command/init_test.go
+++ b/command/init_test.go
@@ -206,11 +206,6 @@ func TestInit_PGP(t *testing.T) {
 	expected := &vault.SealConfig{
 		SecretShares:    3,
 		SecretThreshold: 2,
-		SecretPGPKeys: []string{
-			strings.Replace(pubKey1, "\n", "", -1),
-			strings.Replace(pubKey2, "\n", "", -1),
-			strings.Replace(pubKey3, "\n", "", -1),
-		},
 	}
 	if !reflect.DeepEqual(expected, sealConf) {
 		t.Fatalf("bad:\nexpected: %#v\ngot: %#v", expected, sealConf)
--- a/vault/core.go
+++ b/vault/core.go
@@ -89,7 +89,7 @@ type SealConfig struct {
 	// if requested, to encrypt the output unseal tokens. If
 	// provided, it sets the value of SecretShares. Ordering
 	// is important.
-	SecretPGPKeys []string `json:"secret_pgp_keys"`
+	SecretPGPKeys []string `json:"-"`

 	// SecretThreshold is the number of parts required
 	// to open the vault. This is the T value of Shamir