Merge pull request #70 from cryptosphere/verify-operand-order

Reverse VerifyKey#verify operand ordering (fixes #61)

CHANGES.md

@@ -2,6 +2,8 @@ HEAD
 ----
 * Add encrypt/decrypt aliases for Crypto::RandomNonceBox
 * Rename Crypto module to RbNaCl module
+* RbNaCl::VerifyKey#verify operand order was reversed. New operand order is
+  signature, message instead of message, signature
 
 1.1.0 (2013-04-19)
 ------------------

lib/rbnacl/auth.rb

@@ -35,12 +35,12 @@ def self.auth(key, message)
     # Verifies the given authenticator with the message.
     #
     # @param [#to_str] key the key used for the authenticator
-    # @param [#to_str] message the message to be authenticated
     # @param [#to_str] authenticator to be checked
+    # @param [#to_str] message the message to be authenticated
     #
     # @return [Boolean] Was it valid?
-    def self.verify(key, message, authenticator)
-      new(key).verify(message, authenticator)
+    def self.verify(key, authenticator, message)
+      new(key).verify(authenticator, message)
     end
 
     # Compute authenticator for message
@@ -51,7 +51,7 @@ def self.verify(key, message, authenticator)
     def auth(message)
       authenticator = Util.zeros(tag_bytes)
       message = message.to_str
-      compute_authenticator(message, authenticator)
+      compute_authenticator(authenticator, message)
       authenticator
     end
 
@@ -61,10 +61,10 @@ def auth(message)
     # @param [#to_str] message the message to be authenticated
     #
     # @return [Boolean] Was it valid?
-    def verify(message, authenticator)
+    def verify(authenticator, message)
       auth = authenticator.to_s
       return false unless auth.bytesize == tag_bytes
-      verify_message(message, auth)
+      verify_message(auth, message)
     end
 
     # The crypto primitive for this authenticator instance
@@ -95,7 +95,7 @@ def self.tag_bytes; self::BYTES; end
     def tag_bytes; self.class.tag_bytes; end
 
     private
-    def compute_authenticator(message, authenticator); raise NotImplementedError; end
-    def verify_message(message, authenticator);        raise NotImplementedError; end
+    def compute_authenticator(authenticator, message); raise NotImplementedError; end
+    def verify_message(authenticator, message);        raise NotImplementedError; end
   end
 end

lib/rbnacl/auth/one_time.rb

@@ -32,11 +32,11 @@ def self.primitive
       end
 
       private
-      def compute_authenticator(message, authenticator)
+      def compute_authenticator(authenticator, message)
         NaCl.crypto_auth_onetime(authenticator, message, message.bytesize, key)
       end
 
-      def verify_message(message, authenticator)
+      def verify_message(authenticator, message)
         NaCl.crypto_auth_onetime_verify(authenticator, message, message.bytesize, key)
       end
 

lib/rbnacl/hmac/sha256.rb

@@ -27,11 +27,11 @@ def self.primitive
       end
 
       private
-      def compute_authenticator(message, authenticator)
+      def compute_authenticator(authenticator, message)
         NaCl.crypto_auth_hmacsha256(authenticator, message, message.bytesize, key)
       end
 
-      def verify_message(message, authenticator)
+      def verify_message(authenticator, message)
         NaCl.crypto_auth_hmacsha256_verify(authenticator, message, message.bytesize, key)
       end
     end

lib/rbnacl/hmac/sha512256.rb

@@ -27,11 +27,11 @@ def self.primitive
       end
 
       private
-      def compute_authenticator(message, authenticator)
+      def compute_authenticator(authenticator, message)
         NaCl.crypto_auth_hmacsha512256(authenticator, message, message.bytesize, key)
       end
 
-      def verify_message(message, authenticator)
+      def verify_message(authenticator, message)
         NaCl.crypto_auth_hmacsha512256_verify(authenticator, message, message.bytesize, key)
       end
     end

lib/rbnacl/keys/verify_key.rb

@@ -25,11 +25,11 @@ def initialize(key)
 
     # Verify a signature for a given message
     #
-    # @param message [String] Message to be authenticated
     # @param signature [String] Alleged signature to be checked
+    # @param message [String] Message to be authenticated
     #
     # @return [Boolean] was the signature authentic?
-    def verify(message, signature)
+    def verify(signature, message)
       signature = signature.to_str
       Util.check_length(signature, signature_bytes, "signature")
 

lib/rbnacl/self_test.rb

@@ -71,15 +71,15 @@ def digital_signature_test
         #:nocov:
       end
 
-      unless verify_key.verify(message, signature)
+      unless verify_key.verify(signature, message)
         #:nocov:
         raise SelfTestFailure, "failed to verify a valid signature"
         #:nocov:
       end
 
       bad_signature = signature[0,63] + '0'
 
-      unless verify_key.verify(message, bad_signature) == false
+      unless verify_key.verify(bad_signature, message) == false
         #:nocov:
         raise SelfTestFailure, "failed to detect an invalid signature"
         #:nocov:
@@ -108,13 +108,13 @@ def hmac_test(klass, tag)
         #:nocov:
       end
 
-      unless authenticator.verify(message, vector(tag))
+      unless authenticator.verify(vector(tag), message)
         #:nocov:
         raise SelfTestFailure, "#{klass} failed to verify correct authentication tag"
         #:nocov:
       end
 
-      if authenticator.verify(message+' ', vector(tag))
+      if authenticator.verify(vector(tag), message + ' ')
         #:nocov:
         raise SelfTestFailure, "#{klass} failed to detect invalid authentication tag"
         #:nocov:

spec/rbnacl/keys/verify_key_spec.rb

@@ -10,15 +10,15 @@
   subject { RbNaCl::SigningKey.new(signing_key).verify_key }
 
   it "verifies correct signatures" do
-    subject.verify(message, signature).should be_true
+    subject.verify(signature, message).should be_true
   end
 
   it "detects bad signatures" do
-    subject.verify(message, bad_signature).should be_false
+    subject.verify(bad_signature, message).should be_false
   end
 
   it "raises when asked to verify with a bang" do
-    expect { subject.verify!(message, bad_signature) }.to raise_exception RbNaCl::BadSignatureError
+    expect { subject.verify!(bad_signature, message) }.to raise_exception RbNaCl::BadSignatureError
   end
 
   it "serializes to bytes" do

spec/shared/authenticator.rb

@@ -41,27 +41,27 @@
 
   context ".verify" do
     it "verify an authenticator" do
-      described_class.verify(key, message, tag).should eq true
+      described_class.verify(key, tag, message).should eq true
     end
 
     it "raises TypeError on a nil key" do
-      expect { described_class.verify(nil, message, tag) }.to raise_error(TypeError)
+      expect { described_class.verify(nil, tag, message) }.to raise_error(TypeError)
     end
 
     it "raises ArgumentError on a key which is too long" do
-      expect { described_class.verify("\0"*33, message, tag) }.to raise_error(ArgumentError)
+      expect { described_class.verify("\0"*33, tag, message) }.to raise_error(ArgumentError)
     end
 
     it "fails to validate an invalid authenticator" do
-      described_class.verify(key, message+"\0", tag ).should be false
+      described_class.verify(key, tag, message+"\0").should be false
     end
 
     it "fails to validate a short authenticator" do
-      described_class.verify(key, message, tag[0,tag.bytesize - 2]).should be false
+      described_class.verify(key, tag[0,tag.bytesize - 2], message).should be false
     end
 
     it "fails to validate a long authenticator" do
-      described_class.verify(key, message, tag+"\0").should be false
+      described_class.verify(key, tag+"\0", message).should be false
     end
   end
 
@@ -77,7 +77,7 @@
 
     context "#verify" do
       it "verifies an authenticator" do
-        authenticator.verify(message, tag).should be true
+        authenticator.verify(tag, message).should be true
       end
 
       it "fails to validate an invalid authenticator" do