From 660a7ba6d20adc2a0520be29407ccaabd16c3378 Mon Sep 17 00:00:00 2001
From: Brian Warner <warner@lothar.com>
Date: Fri, 20 Jun 2014 14:39:06 -0700
Subject: [PATCH] fix raw crypto_secretbox API

---
 src/nacl/c/crypto_secretbox.py | 8 ++++----
 src/nacl/secret.py             | 4 ++--
 tests/test_raw.py              | 6 ++----
 3 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/src/nacl/c/crypto_secretbox.py b/src/nacl/c/crypto_secretbox.py
index 94e6a66a..e07caa9c 100644
--- a/src/nacl/c/crypto_secretbox.py
+++ b/src/nacl/c/crypto_secretbox.py
@@ -23,14 +23,14 @@ crypto_secretbox_ZEROBYTES = lib.crypto_secretbox_zerobytes()
 crypto_secretbox_BOXZEROBYTES = lib.crypto_secretbox_boxzerobytes()
 
 
-def crypto_secretbox(key, message, nonce):
+def crypto_secretbox(message, nonce, key):
     """
     Encrypts and returns the message ``message`` with the secret ``key`` and
     the nonce ``nonce``.
 
-    :param key: bytes
     :param message: bytes
     :param nonce: bytes
+    :param key: bytes
     :rtype: bytes
     """
     if len(key) != crypto_secretbox_KEYBYTES:
@@ -49,14 +49,14 @@ def crypto_secretbox(key, message, nonce):
     return ciphertext[crypto_secretbox_BOXZEROBYTES:]
 
 
-def crypto_secretbox_open(key, ciphertext, nonce):
+def crypto_secretbox_open(ciphertext, nonce, key):
     """
     Decrypt and returns the encrypted message ``ciphertext`` with the secret
     ``key`` and the nonce ``nonce``.
 
-    :param key: bytes
     :param ciphertext: bytes
     :param nonce: bytes
+    :param key: bytes
     :rtype: bytes
     """
     if len(key) != crypto_secretbox_KEYBYTES:
diff --git a/src/nacl/secret.py b/src/nacl/secret.py
index 50107d50..6ae85876 100644
--- a/src/nacl/secret.py
+++ b/src/nacl/secret.py
@@ -78,7 +78,7 @@ class SecretBox(encoding.Encodable, StringFixer, object):
                 "The nonce must be exactly %s bytes long" % self.NONCE_SIZE,
             )
 
-        ciphertext = nacl.c.crypto_secretbox(self._key, plaintext, nonce)
+        ciphertext = nacl.c.crypto_secretbox(plaintext, nonce, self._key)
 
         encoded_nonce = encoder.encode(nonce)
         encoded_ciphertext = encoder.encode(ciphertext)
@@ -113,6 +113,6 @@ class SecretBox(encoding.Encodable, StringFixer, object):
                 "The nonce must be exactly %s bytes long" % self.NONCE_SIZE,
             )
 
-        plaintext = nacl.c.crypto_secretbox_open(self._key, ciphertext, nonce)
+        plaintext = nacl.c.crypto_secretbox_open(ciphertext, nonce, self._key)
 
         return plaintext
diff --git a/tests/test_raw.py b/tests/test_raw.py
index 0ec888e5..3381d736 100644
--- a/tests/test_raw.py
+++ b/tests/test_raw.py
@@ -37,12 +37,10 @@ def test_secretbox():
     key = "\x00" * c.crypto_secretbox_KEYBYTES
     msg = "message"
     nonce = "\x01" * c.crypto_secretbox_NONCEBYTES
-    # TODO: NaCl is secretbox(msg,nonce,key)
-    ct = c.crypto_secretbox(key, msg, nonce)
+    ct = c.crypto_secretbox(msg, nonce, key)
     assert len(ct) == len(msg) + c.crypto_secretbox_BOXZEROBYTES
     assert hexlify(ct) == "3ae84dfb89728737bd6e2c8cacbaf8af3d34cc1666533a"
-    # TODO: NaCl is secretbox_open(ct,nonce,key)
-    msg2 = c.crypto_secretbox_open(key, ct, nonce)
+    msg2 = c.crypto_secretbox_open(ct, nonce, key)
     assert msg2 == msg
 
 def test_box():
-- 
GitLab