ax(ueps): replace prose comments with usage examples in MarshalAndSign

Numbered step comments ("2. Calculate HMAC", "3. Write HMAC TLV") and inline narration violated AX Principle 2 — comments must show concrete usage, not restate what the code already says. Co-Authored-By: Charon <charon@lethean.io>
2026-04-02 09:58:02 +01:00 · 2026-04-02 09:58:02 +01:00 · 3d310faec7
commit 3d310faec7
parent 6118522c44
1 changed files with 5 additions and 9 deletions
--- a/pkg/ueps/packet.go
+++ b/pkg/ueps/packet.go
@ -77,28 +77,24 @@ func (builder *PacketBuilder) MarshalAndSign(sharedSecret []byte) ([]byte, error
 		return nil, err
 	}

-	// Threat Score is uint16, needs binary packing
+	// binary.BigEndian.PutUint16(threatScoreBytes, 100) → [0x00, 0x64]
 	threatScoreBytes := make([]byte, 2)
 	binary.BigEndian.PutUint16(threatScoreBytes, builder.Header.ThreatScore)
 	if err := writeTLV(buffer, TagThreatScore, threatScoreBytes); err != nil {
 		return nil, err
 	}

-	// 2. Calculate HMAC
-	// The signature covers: Existing Header TLVs + The Payload
-	// It does NOT cover the HMAC TLV tag itself (obviously)
+	// messageAuthCode.Write(buffer.Bytes()) → covers all header TLVs before the HMAC tag
 	messageAuthCode := hmac.New(sha256.New, sharedSecret)
-	messageAuthCode.Write(buffer.Bytes())  // The headers so far
-	messageAuthCode.Write(builder.Payload) // The data
+	messageAuthCode.Write(buffer.Bytes())
+	messageAuthCode.Write(builder.Payload)
 	signature := messageAuthCode.Sum(nil)

-	// 3. Write HMAC TLV (0x06)
-	// Length is 32 bytes for SHA256
+	// writeTLV(buffer, TagHMAC, signature) → [0x06, 0x20, <32 bytes>]
 	if err := writeTLV(buffer, TagHMAC, signature); err != nil {
 		return nil, err
 	}

-	// 4. Write Payload TLV (0xFF) — tag byte only; payload appended length-prefixless.
 	// buffer.Bytes() → [...headerTLVs..., 0x06, 0x20, <hmac32>, 0xFF, <payload...>]
 	buffer.WriteByte(TagPayload)
 	buffer.Write(builder.Payload)