From 57664d02bd68247c7dd73bb862278d49c86af9b2 Mon Sep 17 00:00:00 2001 From: ICHINOSE Shogo Date: Wed, 21 Jun 2023 14:14:39 +0900 Subject: [PATCH] remove unnecessarily err checks godoc says hash.Hash.Write never returns an error: https://pkg.go.dev/hash#Hash > Write (via the embedded io.Writer interface) adds more data to the running hash. > It never returns an error. So, we don't need to check errors of Write in Hmac.ComputeAuthTag. --- jwe/internal/aescbc/aescbc.go | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/jwe/internal/aescbc/aescbc.go b/jwe/internal/aescbc/aescbc.go index e10614122..acb5a83a8 100644 --- a/jwe/internal/aescbc/aescbc.go +++ b/jwe/internal/aescbc/aescbc.go @@ -140,17 +140,20 @@ func (c Hmac) Overhead() int { } func (c Hmac) ComputeAuthTag(aad, nonce, ciphertext []byte) ([]byte, error) { - buf := make([]byte, len(aad)+len(nonce)+len(ciphertext)+8) - n := 0 - n += copy(buf, aad) - n += copy(buf[n:], nonce) - n += copy(buf[n:], ciphertext) - binary.BigEndian.PutUint64(buf[n:], uint64(len(aad)*8)) + var buf [8]byte + binary.BigEndian.PutUint64(buf[:], uint64(len(aad)*8)) h := hmac.New(c.hash, c.integrityKey) - if _, err := h.Write(buf); err != nil { - return nil, fmt.Errorf(`failed to write ComputeAuthTag using Hmac: %w`, err) - } + + // compute the tag + // no need to check errors because Write never returns an error: https://pkg.go.dev/hash#Hash + // + // > Write (via the embedded io.Writer interface) adds more data to the running hash. + // > It never returns an error. + h.Write(aad) + h.Write(nonce) + h.Write(ciphertext) + h.Write(buf[:]) s := h.Sum(nil) return s[:c.tagsize], nil }