From 6354ea4f69e6b3207c561c114e324f613659f2dd Mon Sep 17 00:00:00 2001
From: Jesper Louis Andersen <jesper.louis.andersen@gmail.com>
Date: Tue, 25 Nov 2014 15:46:43 +0100
Subject: [PATCH] Improve the return values for keypairs.

To avoid the common mistake of re-arranging keypairs, provide them in a map which
forces the programmer to unpack the map in order to obtain the keys. This in turn makes
it harder to swap the PK/SK pair around and mistakenly giving out the secret key to the world.
---
 eqc_test/enacl_eqc.erl |  7 +++----
 src/enacl.erl          | 10 +++++-----
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/eqc_test/enacl_eqc.erl b/eqc_test/enacl_eqc.erl
index 4062501..722cb74 100644
--- a/eqc_test/enacl_eqc.erl
+++ b/eqc_test/enacl_eqc.erl
@@ -19,13 +19,13 @@ nonce() ->
     fault(nonce_bad(), nonce_good()).
 
 keypair_good() ->
-    {ok, PK, SK} = enacl:box_keypair(),
+    #{ public := PK, secret := SK} = enacl:box_keypair(),
     {PK, SK}.
 
 keypair_bad() ->
     ?LET(X, elements([pk, sk]),
       begin
-        {ok, PK, SK} = enacl:box_keypair(),
+        #{ public := PK, secret := SK} = enacl:box_keypair(),
         case X of
             pk ->
               PKBytes = enacl:box_public_key_bytes(),
@@ -42,7 +42,6 @@ keypair() ->
 %% CRYPTO BOX
 %% ---------------------------
 
-
 keypair_valid(PK, SK) when is_binary(PK), is_binary(SK) ->
     PKBytes = enacl:box_public_key_bytes(),
     SKBytes = enacl:box_secret_key_bytes(),
@@ -53,7 +52,7 @@ prop_box_keypair() ->
     ?FORALL(_X, return(dummy),
         ok_box_keypair(enacl:box_keypair())).
        
-ok_box_keypair({ok, _PK, _SK}) -> true;
+ok_box_keypair(#{ public := _, secret := _}) -> true;
 ok_box_keypair(_) -> false.
 
 box(Msg, Nonce , PK, SK) ->
diff --git a/src/enacl.erl b/src/enacl.erl
index a6415cc..b99e199 100644
--- a/src/enacl.erl
+++ b/src/enacl.erl
@@ -76,13 +76,13 @@ verify_32(X, Y) -> enacl_nif:crypto_verify_32(X, Y).
 %% Public Key Crypto
 %% ---------------------
 %% @doc box_keypair/0 creates a new Public/Secret keypair.
-%% Generates and returns a new key pair for the Box encryption scheme.
+%% Generates and returns a new key pair for the Box encryption scheme. The return value is a
+%% map in order to avoid using the public key as a secret key and vice versa.
 %% @end.
--spec box_keypair() -> {PublicKey, SecretKey}
-  when PublicKey :: binary(),
-       SecretKey :: binary().
+-spec box_keypair() -> maps:map(atom(), binary()).
 box_keypair() ->
-	enacl_nif:crypto_box_keypair().
+	{PK, SK} = enacl_nif:crypto_box_keypair(),
+	#{ public => PK, secret => SK}.
 
 %% @doc box/4 encrypts+authenticates a message to another party.
 %% Encrypt a `Msg` to the party identified by public key `PK` using your own secret key `SK` to