crypto: add GenerateIV
from random IV generation (#6215)
This commit adds a `GenerateIV` function to simplify the generation of random IVs. It also adds unit tests for `GenerateIV` in key_test.go.
parent
8e6d756e3a
commit
76c423392a
@ -35,8 +35,8 @@ import (
|
|||||||
type ObjectKey [32]byte
|
type ObjectKey [32]byte
|
||||||
|
|
||||||
// GenerateKey generates a unique ObjectKey from a 256 bit external key
|
// GenerateKey generates a unique ObjectKey from a 256 bit external key
|
||||||
// and a source of randomness. If random is nil the default PRNG of system
|
// and a source of randomness. If random is nil the default PRNG of the
|
||||||
// (crypto/rand) is used.
|
// system (crypto/rand) is used.
|
||||||
func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
|
func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
|
||||||
if random == nil {
|
if random == nil {
|
||||||
random = rand.Reader
|
random = rand.Reader
|
||||||
@ -52,6 +52,19 @@ func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
|
|||||||
return key
|
return key
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// GenerateIV generates a new random 256 bit IV from the provided source
|
||||||
|
// of randomness. If random is nil the default PRNG of the system
|
||||||
|
// (crypto/rand) is used.
|
||||||
|
func GenerateIV(random io.Reader) (iv [32]byte) {
|
||||||
|
if random == nil {
|
||||||
|
random = rand.Reader
|
||||||
|
}
|
||||||
|
if _, err := io.ReadFull(random, iv[:]); err != nil {
|
||||||
|
logger.CriticalIf(context.Background(), errOutOfEntropy)
|
||||||
|
}
|
||||||
|
return iv
|
||||||
|
}
|
||||||
|
|
||||||
// SealedKey represents a sealed object key. It can be stored
|
// SealedKey represents a sealed object key. It can be stored
|
||||||
// at an untrusted location.
|
// at an untrusted location.
|
||||||
type SealedKey struct {
|
type SealedKey struct {
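Review bot: GenerateIV falls through to `return iv` after `logger.CriticalIf(context.Background(), errOutOfEntropy)`, so a short read would hand the caller a partially filled or all-zero IV unless CriticalIf never returns. That behaviour is not visible in this hunk, though the accompanying test's use of recoverTest suggests it panics. The doc comment should state the contract, for example `// GenerateIV does not return if reading from random fails; it aborts through logger.CriticalIf.` The read error `err` is also dropped in favour of errOutOfEntropy, which hides the real cause when a caller-supplied reader fails, so consider logging `err` as well.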
|
||||||
|
@ -61,6 +61,32 @@ func TestGenerateKey(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var generateIVTests = []struct {
|
||||||
|
Random io.Reader
|
||||||
|
ShouldPass bool
|
||||||
|
}{
|
||||||
|
{Random: nil, ShouldPass: true}, // 0
|
||||||
|
{Random: rand.Reader, ShouldPass: true}, // 1
|
||||||
|
{Random: shortRandom(32), ShouldPass: true}, // 2
|
||||||
|
{Random: shortRandom(31), ShouldPass: false}, // 3
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestGenerateIV(t *testing.T) {
|
||||||
|
defer func(disableLog bool) { logger.Disable = disableLog }(logger.Disable)
|
||||||
|
logger.Disable = true
|
||||||
|
|
||||||
|
for i, test := range generateIVTests {
|
||||||
|
i, test := i, test
|
||||||
|
func() {
|
||||||
|
defer recoverTest(i, test.ShouldPass, t)
|
||||||
|
iv := GenerateIV(test.Random)
|
||||||
|
if iv == [32]byte{} {
|
||||||
|
t.Errorf("Test %d: generated IV is zero IV", i) // check that we generate random and unique IV
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
var sealUnsealKeyTests = []struct {
|
var sealUnsealKeyTests = []struct {
|
||||||
SealExtKey, SealIV [32]byte
|
SealExtKey, SealIV [32]byte
|
||||||
SealDomain, SealBucket, SealObject string
|
SealDomain, SealBucket, SealObject string
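Review bot: The check `if iv == [32]byte{}` in TestGenerateIV only rejects an all-zero IV, while its trailing comment says it verifies a "random and unique IV"; nothing in the test compares two IVs. Either reword the comment to `// the IV must not be left at its zero value`, or for the nil and rand.Reader cases call GenerateIV twice and fail when the two results are equal. Case 3 (`shortRandom(31)`) can only pass if GenerateIV panics on the short read, because a 31-byte partial IV is not the zero value. recoverTest and shortRandom are defined outside this hunk, so that dependency is inferred rather than shown.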
|
||||||
|