Remove superfluous `GetChallengePassword`

authority/provisioner/scep.go

@@ -201,11 +201,6 @@ func (s *SCEP) AuthorizeSign(ctx context.Context, token string) ([]SignOption, e
 	}, nil
 }
 
-// GetChallengePassword returns the challenge password
-func (s *SCEP) GetChallengePassword() string {
-	return s.ChallengePassword
-}
-
 // GetCapabilities returns the CA capabilities
 func (s *SCEP) GetCapabilities() []string {
 	return s.Capabilities
@@ -236,7 +231,7 @@ func (s *SCEP) ValidateChallenge(ctx context.Context, challenge, transactionID s
 	case validationMethodWebhook:
 		return s.challengeValidationController.Validate(ctx, challenge, transactionID)
 	default:
-		if subtle.ConstantTimeCompare([]byte(s.secretChallengePassword), []byte(challenge)) == 0 {
+		if subtle.ConstantTimeCompare([]byte(s.ChallengePassword), []byte(challenge)) == 0 {
 			return errors.New("invalid challenge password provided")
 		}
 		return nil
@@ -259,7 +254,7 @@ func (s *SCEP) selectValidationMethod() validationMethod {
 	if len(s.challengeValidationController.webhooks) > 0 {
 		return validationMethodWebhook
 	}
-	if s.secretChallengePassword != "" {
+	if s.ChallengePassword != "" {
 		return validationMethodStatic
 	}
 	return validationMethodNone

authority/provisioners.go

@@ -1223,7 +1223,7 @@ func ProvisionerToLinkedca(p provisioner.Interface) (*linkedca.Provisioner, erro
 				Data: &linkedca.ProvisionerDetails_SCEP{
 					SCEP: &linkedca.SCEPProvisioner{
 						ForceCn:                       p.ForceCN,
-						Challenge:                     p.GetChallengePassword(),
+						Challenge:                     p.ChallengePassword,
 						Capabilities:                  p.Capabilities,
 						MinimumPublicKeyLength:        int32(p.MinimumPublicKeyLength),
 						IncludeRoot:                   p.IncludeRoot,