aa/crypto: change the crypto function parameter order

This patch changes the decrypt and encrypt function's parameter order.
Now they all follow `key`, `data`, `iv`, `aad`(if any) and `tag` (if
any). This is to align with the upper functions.

Signed-off-by: Xynnn007 <[email protected]>

attestation-agent/deps/crypto/src/native/aes256ctr.rs

@@ -8,14 +8,14 @@
 use anyhow::*;
 use openssl::symm::Cipher;
 
-pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let cipher = Cipher::aes_256_ctr();
 
     openssl::symm::decrypt(cipher, key, Some(iv), encrypted_data)
         .map_err(|e| anyhow!(e.to_string()))
 }
 
-pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let cipher = Cipher::aes_256_ctr();
     let ciphertext =
         openssl::symm::encrypt(cipher, key, Some(iv), data).map_err(|e| anyhow!(e.to_string()))?;
@@ -40,8 +40,8 @@ mod tests {
         b"16bytes ivlength"
     )]
     fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
-        let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
-        let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
+        let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
+        let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
         assert_eq!(plaintext, plaintext_de);
     }
 }

attestation-agent/deps/crypto/src/native/aes256gcm.rs

@@ -11,8 +11,8 @@ use openssl::symm::Cipher;
 const TAG_LENGTH: usize = 16;
 
 pub fn decrypt_with_aad(
-    encrypted_data: &[u8],
     key: &[u8],
+    encrypted_data: &[u8],
     iv: &[u8],
     aad: &[u8],
     tag: &[u8],
@@ -23,7 +23,7 @@ pub fn decrypt_with_aad(
         .map_err(|e| anyhow!("{e:?}"))
 }
 
-pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let cipher = Cipher::aes_256_gcm();
     if encrypted_data.len() < TAG_LENGTH {
         bail!("Illegal length of ciphertext");
@@ -34,7 +34,7 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
         .map_err(|e| anyhow!(e.to_string()))
 }
 
-pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let cipher = Cipher::aes_256_gcm();
     let mut tag = [0u8; TAG_LENGTH];
     let mut ciphertext = openssl::symm::encrypt_aead(cipher, key, Some(iv), &[], data, &mut tag)
@@ -50,11 +50,11 @@ mod tests {
     use super::{decrypt, encrypt};
 
     #[rstest]
-    #[case(b"plaintext1", b"0123456789abcdefghijklmnopqrstuv", b"unique nonce")]
-    #[case(b"plaintext2", b"hijklmnopqrstuv0123456789abcdefg", b"unique2nonce")]
-    fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
-        let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
-        let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
+    #[case(b"0123456789abcdefghijklmnopqrstuv", b"plaintext1", b"unique nonce")]
+    #[case(b"hijklmnopqrstuv0123456789abcdefg", b"plaintext2", b"unique2nonce")]
+    fn en_decrypt(#[case] key: &[u8], #[case] plaintext: &[u8], #[case] iv: &[u8]) {
+        let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
+        let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
         assert_eq!(plaintext, plaintext_de);
     }
 }

attestation-agent/deps/crypto/src/rust/aes256ctr.rs

@@ -12,7 +12,7 @@ use ctr::{
     Ctr128BE,
 };
 
-pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let mut decryptor = Ctr128BE::<Aes256>::new(key.into(), iv.into());
     let mut buf = Vec::new();
     buf.resize(encrypted_data.len(), b' ');
@@ -22,7 +22,7 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
     Ok(buf)
 }
 
-pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let mut encryptor = Ctr128BE::<Aes256>::new(key.into(), iv.into());
     let mut ciphertext = data.to_vec();
     encryptor.apply_keystream(&mut ciphertext);
@@ -36,18 +36,18 @@ mod tests {
 
     #[rstest]
     #[case(
-        b"plaintext1",
         b"0123456789abcdefghijklmnopqrstuv",
+        b"plaintext1",
         b"16bytes ivlength"
     )]
     #[case(
-        b"plaintext2",
         b"hijklmnopqrstuv0123456789abcdefg",
+        b"plaintext2",
         b"16bytes ivlength"
     )]
-    fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
-        let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
-        let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
+    fn en_decrypt(#[case] key: &[u8], #[case] plaintext: &[u8], #[case] iv: &[u8]) {
+        let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
+        let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
         assert_eq!(plaintext, plaintext_de);
     }
 }

attestation-agent/deps/crypto/src/rust/aes256gcm.rs

@@ -8,8 +8,8 @@ use aes_gcm::{aead::Aead, AeadInPlace, Aes256Gcm, Key, KeyInit, Nonce};
 use anyhow::*;
 
 pub fn decrypt_with_aad(
-    encrypted_data: &[u8],
     key: &[u8],
+    encrypted_data: &[u8],
     iv: &[u8],
     aad: &[u8],
     tag: &[u8],
@@ -25,7 +25,7 @@ pub fn decrypt_with_aad(
     Ok(plaintext)
 }
 
-pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let decrypting_key = Key::<Aes256Gcm>::from_slice(key);
     let cipher = Aes256Gcm::new(decrypting_key);
     let nonce = Nonce::from_slice(iv);
@@ -36,7 +36,7 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
     Ok(plain_text)
 }
 
-pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
+pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
     let encrypting_key = Key::<Aes256Gcm>::from_slice(key);
     let cipher = Aes256Gcm::new(encrypting_key);
     let nonce = Nonce::from_slice(iv);
@@ -54,11 +54,11 @@ mod tests {
     use super::{decrypt, encrypt};
 
     #[rstest]
-    #[case(b"plaintext1", b"0123456789abcdefghijklmnopqrstuv", b"unique nonce")]
-    #[case(b"plaintext2", b"hijklmnopqrstuv0123456789abcdefg", b"unique2nonce")]
-    fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
-        let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
-        let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
+    #[case(b"0123456789abcdefghijklmnopqrstuv", b"plaintext1", b"unique nonce")]
+    #[case(b"hijklmnopqrstuv0123456789abcdefg", b"plaintext2", b"unique2nonce")]
+    fn en_decrypt(#[case] key: &[u8], #[case] plaintext: &[u8], #[case] iv: &[u8]) {
+        let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
+        let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
         assert_eq!(plaintext, plaintext_de);
     }
 }

attestation-agent/deps/crypto/src/symmetric.rs

@@ -43,8 +43,8 @@ pub fn decrypt(
     wrap_type: WrapType,
 ) -> Result<Vec<u8>> {
     match wrap_type {
-        WrapType::Aes256Gcm => aes256gcm::decrypt(&ciphertext, &key, &iv),
-        WrapType::Aes256Ctr => aes256ctr::decrypt(&ciphertext, &key, &iv),
+        WrapType::Aes256Gcm => aes256gcm::decrypt(&key, &ciphertext, &iv),
+        WrapType::Aes256Ctr => aes256ctr::decrypt(&key, &ciphertext, &iv),
     }
 }