Skip to content

Commit

Permalink
aa/crypto: change the crypto function parameter order
Browse files Browse the repository at this point in the history
This patch changes the decrypt and encrypt function's parameter order.
Now they all follow `key`, `data`, `iv`, `aad`(if any) and `tag` (if
any). This is to align with the upper functions.

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
  • Loading branch information
Xynnn007 committed Dec 11, 2024
1 parent a739c05 commit 14f1252
Show file tree
Hide file tree
Showing 5 changed files with 29 additions and 29 deletions.
8 changes: 4 additions & 4 deletions attestation-agent/deps/crypto/src/native/aes256ctr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,14 @@
use anyhow::*;
use openssl::symm::Cipher;

pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let cipher = Cipher::aes_256_ctr();

openssl::symm::decrypt(cipher, key, Some(iv), encrypted_data)
.map_err(|e| anyhow!(e.to_string()))
}

pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let cipher = Cipher::aes_256_ctr();
let ciphertext =
openssl::symm::encrypt(cipher, key, Some(iv), data).map_err(|e| anyhow!(e.to_string()))?;
Expand All @@ -40,8 +40,8 @@ mod tests {
b"16bytes ivlength"
)]
fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
assert_eq!(plaintext, plaintext_de);
}
}
16 changes: 8 additions & 8 deletions attestation-agent/deps/crypto/src/native/aes256gcm.rs
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ use openssl::symm::Cipher;
const TAG_LENGTH: usize = 16;

pub fn decrypt_with_aad(
encrypted_data: &[u8],
key: &[u8],
encrypted_data: &[u8],
iv: &[u8],
aad: &[u8],
tag: &[u8],
Expand All @@ -23,7 +23,7 @@ pub fn decrypt_with_aad(
.map_err(|e| anyhow!("{e:?}"))
}

pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let cipher = Cipher::aes_256_gcm();
if encrypted_data.len() < TAG_LENGTH {
bail!("Illegal length of ciphertext");
Expand All @@ -34,7 +34,7 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
.map_err(|e| anyhow!(e.to_string()))
}

pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let cipher = Cipher::aes_256_gcm();
let mut tag = [0u8; TAG_LENGTH];
let mut ciphertext = openssl::symm::encrypt_aead(cipher, key, Some(iv), &[], data, &mut tag)
Expand All @@ -50,11 +50,11 @@ mod tests {
use super::{decrypt, encrypt};

#[rstest]
#[case(b"plaintext1", b"0123456789abcdefghijklmnopqrstuv", b"unique nonce")]
#[case(b"plaintext2", b"hijklmnopqrstuv0123456789abcdefg", b"unique2nonce")]
fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
#[case(b"0123456789abcdefghijklmnopqrstuv", b"plaintext1", b"unique nonce")]
#[case(b"hijklmnopqrstuv0123456789abcdefg", b"plaintext2", b"unique2nonce")]
fn en_decrypt(#[case] key: &[u8], #[case] plaintext: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
assert_eq!(plaintext, plaintext_de);
}
}
14 changes: 7 additions & 7 deletions attestation-agent/deps/crypto/src/rust/aes256ctr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ use ctr::{
Ctr128BE,
};

pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let mut decryptor = Ctr128BE::<Aes256>::new(key.into(), iv.into());
let mut buf = Vec::new();
buf.resize(encrypted_data.len(), b' ');
Expand All @@ -22,7 +22,7 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
Ok(buf)
}

pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let mut encryptor = Ctr128BE::<Aes256>::new(key.into(), iv.into());
let mut ciphertext = data.to_vec();
encryptor.apply_keystream(&mut ciphertext);
Expand All @@ -36,18 +36,18 @@ mod tests {

#[rstest]
#[case(
b"plaintext1",
b"0123456789abcdefghijklmnopqrstuv",
b"plaintext1",
b"16bytes ivlength"
)]
#[case(
b"plaintext2",
b"hijklmnopqrstuv0123456789abcdefg",
b"plaintext2",
b"16bytes ivlength"
)]
fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
fn en_decrypt(#[case] key: &[u8], #[case] plaintext: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
assert_eq!(plaintext, plaintext_de);
}
}
16 changes: 8 additions & 8 deletions attestation-agent/deps/crypto/src/rust/aes256gcm.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ use aes_gcm::{aead::Aead, AeadInPlace, Aes256Gcm, Key, KeyInit, Nonce};
use anyhow::*;

pub fn decrypt_with_aad(
encrypted_data: &[u8],
key: &[u8],
encrypted_data: &[u8],
iv: &[u8],
aad: &[u8],
tag: &[u8],
Expand All @@ -25,7 +25,7 @@ pub fn decrypt_with_aad(
Ok(plaintext)
}

pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn decrypt(key: &[u8], encrypted_data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let decrypting_key = Key::<Aes256Gcm>::from_slice(key);
let cipher = Aes256Gcm::new(decrypting_key);
let nonce = Nonce::from_slice(iv);
Expand All @@ -36,7 +36,7 @@ pub fn decrypt(encrypted_data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>>
Ok(plain_text)
}

pub fn encrypt(data: &[u8], key: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
pub fn encrypt(key: &[u8], data: &[u8], iv: &[u8]) -> Result<Vec<u8>> {
let encrypting_key = Key::<Aes256Gcm>::from_slice(key);
let cipher = Aes256Gcm::new(encrypting_key);
let nonce = Nonce::from_slice(iv);
Expand All @@ -54,11 +54,11 @@ mod tests {
use super::{decrypt, encrypt};

#[rstest]
#[case(b"plaintext1", b"0123456789abcdefghijklmnopqrstuv", b"unique nonce")]
#[case(b"plaintext2", b"hijklmnopqrstuv0123456789abcdefg", b"unique2nonce")]
fn en_decrypt(#[case] plaintext: &[u8], #[case] key: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(plaintext, key, iv).expect("encryption failed");
let plaintext_de = decrypt(&ciphertext, key, iv).expect("decryption failed");
#[case(b"0123456789abcdefghijklmnopqrstuv", b"plaintext1", b"unique nonce")]
#[case(b"hijklmnopqrstuv0123456789abcdefg", b"plaintext2", b"unique2nonce")]
fn en_decrypt(#[case] key: &[u8], #[case] plaintext: &[u8], #[case] iv: &[u8]) {
let ciphertext = encrypt(key, plaintext, iv).expect("encryption failed");
let plaintext_de = decrypt(key, &ciphertext, iv).expect("decryption failed");
assert_eq!(plaintext, plaintext_de);
}
}
4 changes: 2 additions & 2 deletions attestation-agent/deps/crypto/src/symmetric.rs
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,8 @@ pub fn decrypt(
wrap_type: WrapType,
) -> Result<Vec<u8>> {
match wrap_type {
WrapType::Aes256Gcm => aes256gcm::decrypt(&ciphertext, &key, &iv),
WrapType::Aes256Ctr => aes256ctr::decrypt(&ciphertext, &key, &iv),
WrapType::Aes256Gcm => aes256gcm::decrypt(&key, &ciphertext, &iv),
WrapType::Aes256Ctr => aes256ctr::decrypt(&key, &ciphertext, &iv),
}
}

Expand Down

0 comments on commit 14f1252

Please sign in to comment.