Reverse VerifyKey#verify operand ordering (fixes #61)

This uses NaCl's original operand ordering for VerifyKey#verify instead of reversing it. The reverse ordering was a poor decision on my part. Mea culpa. This order is more traditional for these sorts of APIs.
RubyCrypto · Sep 14, 2013 · 5ae6660 · 5ae6660
1 parent 9205a58
commit 5ae6660
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 7 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -2,6 +2,8 @@ HEAD
 ----
 * Add encrypt/decrypt aliases for Crypto::RandomNonceBox
 * Rename Crypto module to RbNaCl module
+* RbNaCl::VerifyKey#verify operand order was reversed. New operand order is
+  signature, message instead of message, signature
 
 1.1.0 (2013-04-19)
 ------------------

diff --git a/lib/rbnacl/keys/verify_key.rb b/lib/rbnacl/keys/verify_key.rb
@@ -25,11 +25,11 @@ def initialize(key)
 
     # Verify a signature for a given message
     #
-    # @param message [String] Message to be authenticated
     # @param signature [String] Alleged signature to be checked
+    # @param message [String] Message to be authenticated
     #
     # @return [Boolean] was the signature authentic?
-    def verify(message, signature)
+    def verify(signature, message)
       signature = signature.to_str
       Util.check_length(signature, signature_bytes, "signature")
 

diff --git a/lib/rbnacl/self_test.rb b/lib/rbnacl/self_test.rb
@@ -63,13 +63,13 @@ def digital_signature_test
         raise SelfTestFailure, "failed to generate correct signature"
       end
 
-      unless verify_key.verify(message, signature)
+      unless verify_key.verify(signature, message)
         raise SelfTestFailure, "failed to verify a valid signature"
       end
 
       bad_signature = signature[0,63] + '0'
 
-      unless verify_key.verify(message, bad_signature) == false
+      unless verify_key.verify(bad_signature, message) == false
         raise SelfTestFailure, "failed to detect an invalid signature"
       end
     end

diff --git a/spec/rbnacl/keys/verify_key_spec.rb b/spec/rbnacl/keys/verify_key_spec.rb
@@ -10,15 +10,15 @@
   subject { RbNaCl::SigningKey.new(signing_key).verify_key }
 
   it "verifies correct signatures" do
-    subject.verify(message, signature).should be_true
+    subject.verify(signature, message).should be_true
   end
 
   it "detects bad signatures" do
-    subject.verify(message, bad_signature).should be_false
+    subject.verify(bad_signature, message).should be_false
   end
 
   it "raises when asked to verify with a bang" do
-    expect { subject.verify!(message, bad_signature) }.to raise_exception RbNaCl::BadSignatureError
+    expect { subject.verify!(bad_signature, message) }.to raise_exception RbNaCl::BadSignatureError
   end
 
   it "serializes to bytes" do