crypto: add GenerateIV from random IV generation (#6215)

This commit adds a `GenerateIV` function to simplify the generation of random IVs. It adds some unit tests for `GenerateIV` in key_test.go
2025-11-09 21:49:46 -05:00 · 2018-08-01 10:02:07 +02:00
parent 8e6d756e3a
commit 76c423392a
2 changed files with 41 additions and 2 deletions
--- a/cmd/crypto/key.go
+++ b/cmd/crypto/key.go
@@ -35,8 +35,8 @@ import (
 type ObjectKey [32]byte

 // GenerateKey generates a unique ObjectKey from a 256 bit external key
-// and a source of randomness. If random is nil the default PRNG of system
-// (crypto/rand) is used.
+// and a source of randomness. If random is nil the default PRNG of the
+// system (crypto/rand) is used.
 func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
 	if random == nil {
 		random = rand.Reader
@@ -52,6 +52,19 @@ func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
 	return key
 }

+// GenerateIV generates a new random 256 bit IV from the provided source
+// of randomness. If random is nil the default PRNG of the system
+// (crypto/rand) is used.
+func GenerateIV(random io.Reader) (iv [32]byte) {
+	if random == nil {
+		random = rand.Reader
+	}
+	if _, err := io.ReadFull(random, iv[:]); err != nil {
+		logger.CriticalIf(context.Background(), errOutOfEntropy)
+	}
+	return iv
+}
+
 // SealedKey represents a sealed object key. It can be stored
 // at an untrusted location.
 type SealedKey struct {