We're currently encrypting our objects before sending to GCS, but considering offloading the encryption to GCS although we would continue to manage the keys, i.e. customer-supplied keys. In addition to the keys, is it possible for us to manage the initialization vectors and send that in the API?
The documentation includes headers for the encryption algorithm, encryption key, and hash of the encryption key. Nothing for the initialization vector.
In addition to the keys, is it possible for us to manage the initialization vectors and send that in the API?
No, you cannot provide the IV (initialization vector) along with the encryption keys nor should you.
The encryption key is used for many operations. The IV (initialization vector) is usually unique (random number) for each encryption operation and is stored with the ciphertext (prepended). The encryption key is a secret. The IV is not a secret.
If you could specify the IV with the encryption key, meaning the same IV for all encrypt operations, you would have significantly less secure encryption (Semantic security).