mirror of
https://github.com/kemko/nomad.git
synced 2026-01-01 16:05:42 +03:00
41277f823f
Some packages licensed under MPL-2.0 were incorrectly importing code from packages licensed under BUSL-1.1. Not all imports are fixed here as they will require additional work to untangle them. To help track progress this commit adds a Semgrep rule that detects incorrect BUSL-1.1 imports in MPL-2.0 packages.
28 lines
703 B
Go
28 lines
703 B
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package crypto
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
// note: this is aliased so that it's more noticeable if someone
|
|
// accidentally swaps it out for math/rand via running goimports
|
|
cryptorand "crypto/rand"
|
|
)
|
|
|
|
// Bytes gets a slice of cryptographically random bytes of the given length and
|
|
// enforces that we check for short reads to avoid entropy exhaustion.
|
|
func Bytes(length int) ([]byte, error) {
|
|
key := make([]byte, length)
|
|
n, err := cryptorand.Read(key)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("could not read from random source: %v", err)
|
|
}
|
|
if n < length {
|
|
return nil, errors.New("entropy exhausted")
|
|
}
|
|
return key, nil
|
|
}
|