refactor: use keygen from liberator

cmd/wonderwall/main.go

@@ -9,16 +9,15 @@ import (
 
 	"github.com/go-redis/redis/v8"
 	"github.com/lestrrat-go/jwx/jwk"
-
-	"github.com/nais/wonderwall/pkg/session"
-
 	"github.com/nais/liberator/pkg/conftools"
+	"github.com/nais/liberator/pkg/keygen"
 	log "github.com/sirupsen/logrus"
 
 	"github.com/nais/wonderwall/pkg/config"
 	"github.com/nais/wonderwall/pkg/cryptutil"
 	"github.com/nais/wonderwall/pkg/logging"
 	"github.com/nais/wonderwall/pkg/router"
+	"github.com/nais/wonderwall/pkg/session"
 )
 
 var maskedConfig = []string{
@@ -54,7 +53,7 @@ func run() error {
 	}
 
 	if len(key) == 0 {
-		key, err = cryptutil.RandomBytes(32)
+		key, err = keygen.Keygen(32)
 		if err != nil {
 			return fmt.Errorf("generate random encryption key: %w", err)
 		}

pkg/cryptutil/encrypt.go

@@ -4,11 +4,11 @@ import (
 	"bytes"
 	"crypto/aes"
 	"crypto/cipher"
-	"crypto/rand"
 	"encoding/binary"
 	"fmt"
-	"io"
 	"time"
+
+	"github.com/nais/liberator/pkg/keygen"
 )
 
 type crypter struct {
@@ -26,12 +26,6 @@ func New(key []byte) Crypter {
 	}
 }
 
-func RandomBytes(length int) ([]byte, error) {
-	buf := make([]byte, length)
-	_, err := io.ReadFull(rand.Reader, buf)
-	return buf, err
-}
-
 // Generate an initialization vector for encryption.
 // It consists of the current UNIX timestamp with nanoseconds, and four bytes of randomness.
 func IV() ([]byte, error) {
@@ -44,7 +38,7 @@ func IV() ([]byte, error) {
 	}
 
 	// Pad nonce with 4 bytes
-	random, err := RandomBytes(4)
+	random, err := keygen.Keygen(4)
 	if err != nil {
 		return nil, err
 	}