c9d678a91a
Update the on-disk format for the root key so that it's wrapped with a unique per-key/per-server key encryption key. This is a bit of security theatre for the current implementation, but it uses `go-kms-wrapping` as the interface for wrapping the key. This provides a shim for future support of external KMS such as cloud provider APIs or Vault transit encryption. * Removes the JSON serialization extension we had on the `RootKey` struct; this struct is now only used for key replication and not for disk serialization, so we don't need this helper. * Creates a helper for generating cryptographically random slices of bytes that properly accounts for short reads from the source. * No observable functional changes outside of the on-disk format, so there are no test updates.
25 lines
633 B
Go
25 lines
633 B
Go
package crypto
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
// note: this is aliased so that it's more noticeable if someone
|
|
// accidentally swaps it out for math/rand via running goimports
|
|
cryptorand "crypto/rand"
|
|
)
|
|
|
|
// Bytes gets a slice of cryptographically random bytes of the given length and
|
|
// enforces that we check for short reads to avoid entropy exhaustion.
|
|
func Bytes(length int) ([]byte, error) {
|
|
key := make([]byte, length)
|
|
n, err := cryptorand.Read(key)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("could not read from random source: %v", err)
|
|
}
|
|
if n < length {
|
|
return nil, errors.New("entropy exhausted")
|
|
}
|
|
return key, nil
|
|
}
|