dsy19890123 2017-09-25 07:20
浏览 48
已采纳

使用带有cypher / aes的if-construction不一致的Go错误返回

I'm seeing strange behaviour where I should get an error back from a function, but I get nil instead.

The following code block contains 2 encrypt functions using cypher/aes. The only difference is the first 1/2 lines of each function. In encrypt2, I've combined the assignment of the first line of encrypt1 into the conditional.

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "crypto/rand"
    "fmt"
    "io"
)

func main() {
    invalidKey := []byte("TCbKgXZsT")
    plaintext := []byte("dummycontenttoenctrypt")
    fmt.Println(encrypt1(plaintext, invalidKey))
    fmt.Println(encrypt2(plaintext, invalidKey))
}

func encrypt1(plaintext []byte, key []byte) (encrypted []byte, err error) {
    c, err := aes.NewCipher(key)
    if err == nil {
        if gcm, err := cipher.NewGCM(c); err == nil {
            nonce := make([]byte, gcm.NonceSize())
            if _, err = io.ReadFull(rand.Reader, nonce); err == nil {
                return gcm.Seal(nonce, nonce, plaintext, nil), nil
            }
        }
    }
    return nil, err
}

func encrypt2(plaintext []byte, key []byte) (encrypted []byte, err error) {
    if c, err := aes.NewCipher(key); err == nil {
        if gcm, err := cipher.NewGCM(c); err == nil {
            nonce := make([]byte, gcm.NonceSize())
            if _, err = io.ReadFull(rand.Reader, nonce); err == nil {
                return gcm.Seal(nonce, nonce, plaintext, nil), nil
            }
        }
    }
    return nil, err
}

Go Playground Link

I expected the same behaviour from these functions, as the logic is the same. However, calling encrypt1 returns an error (correct), while encrypt2 does not return the error (returns just nil).

I have used named arguments, so err is declared at the start of the function and should be populated by the first error in both functions.

Anything I'm doing wrong here?

  • 写回答

1条回答 默认 最新

  • dqwp81696 2017-09-25 07:58
    关注

    This is to do with scoping rules, here is a simplified example:

    https://play.golang.org/p/1dCaUB948p

    func encrypt2(plaintext []byte, key []byte) (encrypted []byte, err error) {
    if _, err := returnErr(); err == nil {
        fmt.Println("inner loop")
    }
    return nil, err
}

    If you remove the named arguments, it won't compile, which gives a hint of the problem - the err declared in your if statement does not affect the outer scope, it is only valid within the if statement. If you remove the := assignment, you'll see what you expect.

    In go a more verbose version which returns on error is usually preferred, rather than lots of nested if statements, so that you can return specific errors and the flow of logic is clear. It's easy if nesting to forget scope or which variables are assigned when, whereas if you adopt this return on error style the reader knows at any given point no errors have been encountered. You don't have to annotate errors where the original error is self-evident of course, you could just return nil,err. 

    func encrypt3(plaintext []byte, key []byte) ([]byte, error) {

    c, err := aes.NewCipher(key)
    if err != nil {
        return nil, fmt.Errorf("encrypt: invalid key :%s", err)
    }

    gcm, err := cipher.NewGCM(c)
    if err != nil {
        return nil, fmt.Errorf("encrypt: error creating cipher :%s", err)
    }

    nonce := make([]byte, gcm.NonceSize())
    _, err = io.ReadFull(rand.Reader, nonce)
    if err != nil {
        return nil, fmt.Errorf("encrypt: error creating nonce :%s", err)
    }

    return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

    If you're doing aes encryption in Go, a good ref is this code and video by George Tankersley.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥35 平滑拟合曲线该如何生成
  • ¥100 c语言,请帮蒟蒻写一个题的范例作参考
  • ¥15 名为“Product”的列已属于此 DataTable
  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站
  • ¥50 成都蓉城足球俱乐部小程序抢票
  • ¥15 yolov7训练自己的数据集