dsy19890123 2017-09-25 07:20
浏览 48
已采纳

使用带有cypher / aes的if-construction不一致的Go错误返回

I'm seeing strange behaviour where I should get an error back from a function, but I get nil instead.

The following code block contains 2 encrypt functions using cypher/aes. The only difference is the first 1/2 lines of each function. In encrypt2, I've combined the assignment of the first line of encrypt1 into the conditional.

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "crypto/rand"
    "fmt"
    "io"
)

func main() {
    invalidKey := []byte("TCbKgXZsT")
    plaintext := []byte("dummycontenttoenctrypt")
    fmt.Println(encrypt1(plaintext, invalidKey))
    fmt.Println(encrypt2(plaintext, invalidKey))
}

func encrypt1(plaintext []byte, key []byte) (encrypted []byte, err error) {
    c, err := aes.NewCipher(key)
    if err == nil {
        if gcm, err := cipher.NewGCM(c); err == nil {
            nonce := make([]byte, gcm.NonceSize())
            if _, err = io.ReadFull(rand.Reader, nonce); err == nil {
                return gcm.Seal(nonce, nonce, plaintext, nil), nil
            }
        }
    }
    return nil, err
}

func encrypt2(plaintext []byte, key []byte) (encrypted []byte, err error) {
    if c, err := aes.NewCipher(key); err == nil {
        if gcm, err := cipher.NewGCM(c); err == nil {
            nonce := make([]byte, gcm.NonceSize())
            if _, err = io.ReadFull(rand.Reader, nonce); err == nil {
                return gcm.Seal(nonce, nonce, plaintext, nil), nil
            }
        }
    }
    return nil, err
}

Go Playground Link

I expected the same behaviour from these functions, as the logic is the same. However, calling encrypt1 returns an error (correct), while encrypt2 does not return the error (returns just nil).

I have used named arguments, so err is declared at the start of the function and should be populated by the first error in both functions.

Anything I'm doing wrong here?

  • 写回答

1条回答 默认 最新

  • dqwp81696 2017-09-25 07:58
    关注

    This is to do with scoping rules, here is a simplified example:

    https://play.golang.org/p/1dCaUB948p

    func encrypt2(plaintext []byte, key []byte) (encrypted []byte, err error) {
    if _, err := returnErr(); err == nil {
        fmt.Println("inner loop")
    }
    return nil, err
}

    If you remove the named arguments, it won't compile, which gives a hint of the problem - the err declared in your if statement does not affect the outer scope, it is only valid within the if statement. If you remove the := assignment, you'll see what you expect.

    In go a more verbose version which returns on error is usually preferred, rather than lots of nested if statements, so that you can return specific errors and the flow of logic is clear. It's easy if nesting to forget scope or which variables are assigned when, whereas if you adopt this return on error style the reader knows at any given point no errors have been encountered. You don't have to annotate errors where the original error is self-evident of course, you could just return nil,err. 

    func encrypt3(plaintext []byte, key []byte) ([]byte, error) {

    c, err := aes.NewCipher(key)
    if err != nil {
        return nil, fmt.Errorf("encrypt: invalid key :%s", err)
    }

    gcm, err := cipher.NewGCM(c)
    if err != nil {
        return nil, fmt.Errorf("encrypt: error creating cipher :%s", err)
    }

    nonce := make([]byte, gcm.NonceSize())
    _, err = io.ReadFull(rand.Reader, nonce)
    if err != nil {
        return nil, fmt.Errorf("encrypt: error creating nonce :%s", err)
    }

    return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

    If you're doing aes encryption in Go, a good ref is this code and video by George Tankersley.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 mac mini外接显示器 画质字体模糊
  • ¥15 TLS1.2协议通信解密
  • ¥40 图书信息管理系统程序编写
  • ¥20 Qcustomplot缩小曲线形状问题
  • ¥15 企业资源规划ERP沙盘模拟
  • ¥15 树莓派控制机械臂传输命令报错,显示摄像头不存在
  • ¥15 前端echarts坐标轴问题
  • ¥15 ad5933的I2C
  • ¥15 请问RTX4060的笔记本电脑可以训练yolov5模型吗?
  • ¥15 数学建模求思路及代码