crypto: add `GenerateIV` from random IV generation (#6215)

This commit adds a `GenerateIV` function to simplify the generation of random IVs. It adds some unit tests for `GenerateIV` in key_test.go
6 years ago · 76c423392a
parent 8e6d756e3a
commit 76c423392a
2 changed files with 41 additions and 2 deletions
--- a/cmd/crypto/key.go
+++ b/cmd/crypto/key.go
@ -35,8 +35,8 @@ import (
 type ObjectKey [32]byte
 // GenerateKey generates a unique ObjectKey from a 256 bit external key
-// and a source of randomness. If random is nil the default PRNG of system
+// and a source of randomness. If random is nil the default PRNG of the
-// (crypto/rand) is used.
+// system (crypto/rand) is used.
 func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
 	if random == nil {
 		random = rand.Reader
@ -52,6 +52,19 @@ func GenerateKey(extKey [32]byte, random io.Reader) (key ObjectKey) {
 	return key
 }
 // GenerateIV generates a new random 256 bit IV from the provided source
 // of randomness. If random is nil the default PRNG of the system
 // (crypto/rand) is used.
 func GenerateIV(random io.Reader) (iv [32]byte) {
 	if random == nil {
 		random = rand.Reader
 	}
 	if _, err := io.ReadFull(random, iv[:]); err != nil {
 		logger.CriticalIf(context.Background(), errOutOfEntropy)
 	}
 	return iv
 }
 // SealedKey represents a sealed object key. It can be stored
 // at an untrusted location.
 type SealedKey struct {
--- a/cmd/crypto/key_test.go
+++ b/cmd/crypto/key_test.go
@ -61,6 +61,32 @@ func TestGenerateKey(t *testing.T) {
 	}
 }
 var generateIVTests = []struct {
 	Random     io.Reader
 	ShouldPass bool
 }{
 	{Random: nil, ShouldPass: true},              // 0
 	{Random: rand.Reader, ShouldPass: true},      // 1
 	{Random: shortRandom(32), ShouldPass: true},  // 2
 	{Random: shortRandom(31), ShouldPass: false}, // 3
 }
 func TestGenerateIV(t *testing.T) {
 	defer func(disableLog bool) { logger.Disable = disableLog }(logger.Disable)
 	logger.Disable = true
 	for i, test := range generateIVTests {
 		i, test := i, test
 		func() {
 			defer recoverTest(i, test.ShouldPass, t)
 			iv := GenerateIV(test.Random)
 			if iv == [32]byte{} {
 				t.Errorf("Test %d: generated IV is zero IV", i) // check that we generate random and unique IV
 			}
 		}()
 	}
 }
 var sealUnsealKeyTests = []struct {
 	SealExtKey, SealIV                 [32]byte
 	SealDomain, SealBucket, SealObject string