While these invalidated keys should never be used, we need to ensure they're not predictable in case there are edge cases where some parts of the system still try and utilise them.
Anything trying to decrypt will fail, but possibly they're used for initialising other sensitive bits of the site like we had in SecretBasedJwksFactory, so it makes sense to make them not predictable.
See https://github.com/genecommerce/module-encryption-key-manager/issues/22
Before invalidation
After invalidation