Snider/Mining
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ax(ueps): replace errors import in reader.go with tlvError sentinels

Browse source 
Co-Authored-By: Charon <charon@lethean.io>
This commit is contained in:
Claude 2026-04-02 08:13:57 +01:00
parent 2adb53226c
commit d6f69faf6b
No known key found for this signature in database
GPG key ID: AF404715446AEB41
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
pkg/ueps/reader.go
View file

@ -6,10 +6,15 @@ import (
"crypto/hmac"
"crypto/sha256"
"encoding/binary"
"errors"
"io"
)
// errMissingHMAC is returned by ReadAndVerify when no HMAC tag is present in the packet.
var errMissingHMAC = tlvError("UEPS packet missing HMAC signature")
// errIntegrityViolation is returned by ReadAndVerify when the HMAC does not match the packet contents.
var errIntegrityViolation = tlvError("integrity violation: HMAC mismatch (ThreatScore +100)")
// packet, err := ueps.ReadAndVerify(r, sharedSecret)
// if err == nil { _ = packet.Header.IntentID; _ = packet.Header.ThreatScore; _ = packet.Payload }
type ParsedPacket struct {
@ -115,7 +120,7 @@ func ReadAndVerify(reader *bufio.Reader, sharedSecret []byte) (*ParsedPacket, er
}
if len(signature) == 0 {
return nil, errors.New("UEPS packet missing HMAC signature")
return nil, errMissingHMAC
}
// 5. Verify HMAC
@ -128,7 +133,7 @@ func ReadAndVerify(reader *bufio.Reader, sharedSecret []byte) (*ParsedPacket, er
if !hmac.Equal(signature, expectedMAC) {
// Log this. This is a Threat Event.
// "Axiom Violation: Integrity Check Failed"
return nil, errors.New("integrity violation: HMAC mismatch (ThreatScore +100)")
return nil, errIntegrityViolation
}
return &ParsedPacket{