From 3d310faec7661f2544fe3742cad6f38972dfd679 Mon Sep 17 00:00:00 2001 From: Claude Date: Thu, 2 Apr 2026 09:58:02 +0100 Subject: [PATCH] ax(ueps): replace prose comments with usage examples in MarshalAndSign MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Numbered step comments ("2. Calculate HMAC", "3. Write HMAC TLV") and inline narration violated AX Principle 2 — comments must show concrete usage, not restate what the code already says. Co-Authored-By: Charon --- pkg/ueps/packet.go | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/pkg/ueps/packet.go b/pkg/ueps/packet.go index 3ee260e..b133b79 100644 --- a/pkg/ueps/packet.go +++ b/pkg/ueps/packet.go @@ -77,28 +77,24 @@ func (builder *PacketBuilder) MarshalAndSign(sharedSecret []byte) ([]byte, error return nil, err } - // Threat Score is uint16, needs binary packing + // binary.BigEndian.PutUint16(threatScoreBytes, 100) → [0x00, 0x64] threatScoreBytes := make([]byte, 2) binary.BigEndian.PutUint16(threatScoreBytes, builder.Header.ThreatScore) if err := writeTLV(buffer, TagThreatScore, threatScoreBytes); err != nil { return nil, err } - // 2. Calculate HMAC - // The signature covers: Existing Header TLVs + The Payload - // It does NOT cover the HMAC TLV tag itself (obviously) + // messageAuthCode.Write(buffer.Bytes()) → covers all header TLVs before the HMAC tag messageAuthCode := hmac.New(sha256.New, sharedSecret) - messageAuthCode.Write(buffer.Bytes()) // The headers so far - messageAuthCode.Write(builder.Payload) // The data + messageAuthCode.Write(buffer.Bytes()) + messageAuthCode.Write(builder.Payload) signature := messageAuthCode.Sum(nil) - // 3. Write HMAC TLV (0x06) - // Length is 32 bytes for SHA256 + // writeTLV(buffer, TagHMAC, signature) → [0x06, 0x20, <32 bytes>] if err := writeTLV(buffer, TagHMAC, signature); err != nil { return nil, err } - // 4. Write Payload TLV (0xFF) — tag byte only; payload appended length-prefixless. // buffer.Bytes() → [...headerTLVs..., 0x06, 0x20, , 0xFF, ] buffer.WriteByte(TagPayload) buffer.Write(builder.Payload)