diff --git a/lib/rbnacl/auth.rb b/lib/rbnacl/auth.rb index bb8f1d4..bd1c621 100644 --- a/lib/rbnacl/auth.rb +++ b/lib/rbnacl/auth.rb @@ -35,12 +35,12 @@ def self.auth(key, message) # Verifies the given authenticator with the message. # # @param [#to_str] key the key used for the authenticator - # @param [#to_str] message the message to be authenticated # @param [#to_str] authenticator to be checked + # @param [#to_str] message the message to be authenticated # # @return [Boolean] Was it valid? - def self.verify(key, message, authenticator) - new(key).verify(message, authenticator) + def self.verify(key, authenticator, message) + new(key).verify(authenticator, message) end # Compute authenticator for message @@ -51,7 +51,7 @@ def self.verify(key, message, authenticator) def auth(message) authenticator = Util.zeros(tag_bytes) message = message.to_str - compute_authenticator(message, authenticator) + compute_authenticator(authenticator, message) authenticator end @@ -61,10 +61,10 @@ def auth(message) # @param [#to_str] message the message to be authenticated # # @return [Boolean] Was it valid? - def verify(message, authenticator) + def verify(authenticator, message) auth = authenticator.to_s return false unless auth.bytesize == tag_bytes - verify_message(message, auth) + verify_message(auth, message) end # The crypto primitive for this authenticator instance @@ -95,7 +95,7 @@ def self.tag_bytes; self::BYTES; end def tag_bytes; self.class.tag_bytes; end private - def compute_authenticator(message, authenticator); raise NotImplementedError; end - def verify_message(message, authenticator); raise NotImplementedError; end + def compute_authenticator(authenticator, message); raise NotImplementedError; end + def verify_message(authenticator, message); raise NotImplementedError; end end end diff --git a/lib/rbnacl/auth/one_time.rb b/lib/rbnacl/auth/one_time.rb index 3dbce87..72d4efd 100644 --- a/lib/rbnacl/auth/one_time.rb +++ b/lib/rbnacl/auth/one_time.rb @@ -32,11 +32,11 @@ def self.primitive end private - def compute_authenticator(message, authenticator) + def compute_authenticator(authenticator, message) NaCl.crypto_auth_onetime(authenticator, message, message.bytesize, key) end - def verify_message(message, authenticator) + def verify_message(authenticator, message) NaCl.crypto_auth_onetime_verify(authenticator, message, message.bytesize, key) end diff --git a/lib/rbnacl/hmac/sha256.rb b/lib/rbnacl/hmac/sha256.rb index dfbd407..c496832 100644 --- a/lib/rbnacl/hmac/sha256.rb +++ b/lib/rbnacl/hmac/sha256.rb @@ -27,11 +27,11 @@ def self.primitive end private - def compute_authenticator(message, authenticator) + def compute_authenticator(authenticator, message) NaCl.crypto_auth_hmacsha256(authenticator, message, message.bytesize, key) end - def verify_message(message, authenticator) + def verify_message(authenticator, message) NaCl.crypto_auth_hmacsha256_verify(authenticator, message, message.bytesize, key) end end diff --git a/lib/rbnacl/hmac/sha512256.rb b/lib/rbnacl/hmac/sha512256.rb index c64840a..8a4d632 100644 --- a/lib/rbnacl/hmac/sha512256.rb +++ b/lib/rbnacl/hmac/sha512256.rb @@ -27,11 +27,11 @@ def self.primitive end private - def compute_authenticator(message, authenticator) + def compute_authenticator(authenticator, message) NaCl.crypto_auth_hmacsha512256(authenticator, message, message.bytesize, key) end - def verify_message(message, authenticator) + def verify_message(authenticator, message) NaCl.crypto_auth_hmacsha512256_verify(authenticator, message, message.bytesize, key) end end diff --git a/lib/rbnacl/self_test.rb b/lib/rbnacl/self_test.rb index 1f14dcc..971ca37 100644 --- a/lib/rbnacl/self_test.rb +++ b/lib/rbnacl/self_test.rb @@ -92,11 +92,11 @@ def hmac_test(klass, tag) raise SelfTestFailure, "#{klass} failed to generate correct authentication tag" end - unless authenticator.verify(message, vector(tag)) + unless authenticator.verify(vector(tag), message) raise SelfTestFailure, "#{klass} failed to verify correct authentication tag" end - if authenticator.verify(message+' ', vector(tag)) + if authenticator.verify(vector(tag), message + ' ') raise SelfTestFailure, "#{klass} failed to detect invalid authentication tag" end end diff --git a/spec/shared/authenticator.rb b/spec/shared/authenticator.rb index a877237..b87c0ce 100644 --- a/spec/shared/authenticator.rb +++ b/spec/shared/authenticator.rb @@ -41,27 +41,27 @@ context ".verify" do it "verify an authenticator" do - described_class.verify(key, message, tag).should eq true + described_class.verify(key, tag, message).should eq true end it "raises TypeError on a nil key" do - expect { described_class.verify(nil, message, tag) }.to raise_error(TypeError) + expect { described_class.verify(nil, tag, message) }.to raise_error(TypeError) end it "raises ArgumentError on a key which is too long" do - expect { described_class.verify("\0"*33, message, tag) }.to raise_error(ArgumentError) + expect { described_class.verify("\0"*33, tag, message) }.to raise_error(ArgumentError) end it "fails to validate an invalid authenticator" do - described_class.verify(key, message+"\0", tag ).should be false + described_class.verify(key, tag, message+"\0").should be false end it "fails to validate a short authenticator" do - described_class.verify(key, message, tag[0,tag.bytesize - 2]).should be false + described_class.verify(key, tag[0,tag.bytesize - 2], message).should be false end it "fails to validate a long authenticator" do - described_class.verify(key, message, tag+"\0").should be false + described_class.verify(key, tag+"\0", message).should be false end end @@ -77,7 +77,7 @@ context "#verify" do it "verifies an authenticator" do - authenticator.verify(message, tag).should be true + authenticator.verify(tag, message).should be true end it "fails to validate an invalid authenticator" do