Reindent everything.

Indentation follows the standard emacs mode for Erlang code.
2017-03-19 19:28:39 +01:00 · 2017-03-19 19:28:39 +01:00 · fffe07e965
commit fffe07e965
parent ec60a63874
3 changed files with 408 additions and 381 deletions
--- a/src/enacl.erl
+++ b/src/enacl.erl
@ -18,82 +18,82 @@
 %% Public key crypto
 -export([
-  box_keypair/0,
+         box_keypair/0,
-  box/4,
+         box/4,
-  box_open/4,
+         box_open/4,
-  box_beforenm/2,
+         box_beforenm/2,
-  box_afternm/3,
+         box_afternm/3,
-  box_open_afternm/3,
+         box_open_afternm/3,
-  box_nonce_size/0,
+         box_nonce_size/0,
-  box_public_key_bytes/0,
+         box_public_key_bytes/0,
-  box_secret_key_bytes/0,
+         box_secret_key_bytes/0,
-  box_beforenm_bytes/0,
+         box_beforenm_bytes/0,
-  sign_keypair_public_size/0,
+         sign_keypair_public_size/0,
-  sign_keypair_secret_size/0,
+         sign_keypair_secret_size/0,
-  sign_keypair/0,
+         sign_keypair/0,
-  sign/2,
+         sign/2,
-  sign_open/2,
+         sign_open/2,
-  sign_detached/2,
+         sign_detached/2,
-  sign_verify_detached/3,
+         sign_verify_detached/3,
-  box_seal/2,
+         box_seal/2,
-  box_seal_open/3
+         box_seal_open/3
 ]).
 %% Secret key crypto
 -export([
-  secretbox_key_size/0,
+         secretbox_key_size/0,
-  secretbox_nonce_size/0,
+         secretbox_nonce_size/0,
-  secretbox/3,
+         secretbox/3,
-  secretbox_open/3,
+         secretbox_open/3,
-  stream_chacha20_key_size/0,
+         stream_chacha20_key_size/0,
-  stream_chacha20_nonce_size/0,
+         stream_chacha20_nonce_size/0,
-  stream_chacha20/3,
+         stream_chacha20/3,
-  stream_chacha20_xor/3,
+         stream_chacha20_xor/3,
-  stream_key_size/0,
+         stream_key_size/0,
-  stream_nonce_size/0,
+         stream_nonce_size/0,
-  stream/3,
+         stream/3,
-  stream_xor/3,
+         stream_xor/3,
-  auth_key_size/0,
+         auth_key_size/0,
-  auth_size/0,
+         auth_size/0,
-  auth/2,
+         auth/2,
-  auth_verify/3,
+         auth_verify/3,
-  shorthash_key_size/0,
+         shorthash_key_size/0,
-  shorthash_size/0,
+         shorthash_size/0,
-  shorthash/2,
+         shorthash/2,
-  onetime_auth_key_size/0,
+         onetime_auth_key_size/0,
-  onetime_auth_size/0,
+         onetime_auth_size/0,
-  onetime_auth/2,
+         onetime_auth/2,
-  onetime_auth_verify/3
+         onetime_auth_verify/3
 ]).
 %% Curve 25519.
 -export([
-  curve25519_scalarmult/1, curve25519_scalarmult/2
+         curve25519_scalarmult/1, curve25519_scalarmult/2
 ]).
 %% Ed 25519.
 -export([
-  crypto_sign_ed25519_keypair/0,
+         crypto_sign_ed25519_keypair/0,
-  crypto_sign_ed25519_public_to_curve25519/1,
+         crypto_sign_ed25519_public_to_curve25519/1,
-  crypto_sign_ed25519_secret_to_curve25519/1,
+         crypto_sign_ed25519_secret_to_curve25519/1,
-  crypto_sign_ed25519_public_size/0,
+         crypto_sign_ed25519_public_size/0,
-  crypto_sign_ed25519_secret_size/0
+         crypto_sign_ed25519_secret_size/0
-]).
+        ]).
 %% Low-level functions
 -export([
-  hash/1,
+         hash/1,
-  verify_16/2,
+         verify_16/2,
-  verify_32/2,
+         verify_32/2,
-  unsafe_memzero/1
+         unsafe_memzero/1
 ]).
 %% Key exchange functions
@ -108,11 +108,11 @@
 %% Libsodium specific functions (which are also part of the "undocumented" interface to NaCl
 -export([
-  randombytes/1
+         randombytes/1
 ]).
 -export([
-  verify/0
+         verify/0
 ]).
 %% Definitions of system budgets
@ -159,20 +159,21 @@ verify() ->
    true = equals(binary:copy(<<0>>, enacl_nif:crypto_box_BOXZEROBYTES()), ?P_BOXZEROBYTES),
    true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_ZEROBYTES()), ?S_ZEROBYTES),
    true = equals(binary:copy(<<0>>, enacl_nif:crypto_secretbox_BOXZEROBYTES()),
-      ?S_BOXZEROBYTES),
+                  ?S_BOXZEROBYTES),
-    Verifiers = [
+    Verifiers =
-        {crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES},
+        [
-        {crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES},
+         {crypto_stream_chacha20_KEYBYTES, ?CRYPTO_STREAM_CHACHA20_KEYBYTES},
-        {crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES},
+         {crypto_stream_chacha20_NONCEBYTES, ?CRYPTO_STREAM_CHACHA20_NONCEBYTES},
-        {crypto_stream_NONCEBYTES, ?CRYPTO_STREAM_NONCEBYTES},
+         {crypto_stream_KEYBYTES, ?CRYPTO_STREAM_KEYBYTES},
-        {crypto_box_ZEROBYTES, ?CRYPTO_BOX_ZEROBYTES},
+         {crypto_stream_NONCEBYTES, ?CRYPTO_STREAM_NONCEBYTES},
-        {crypto_box_BOXZEROBYTES, ?CRYPTO_BOX_BOXZEROBYTES},
+         {crypto_box_ZEROBYTES, ?CRYPTO_BOX_ZEROBYTES},
-        {crypto_secretbox_ZEROBYTES, ?CRYPTO_SECRETBOX_ZEROBYTES},
+         {crypto_box_BOXZEROBYTES, ?CRYPTO_BOX_BOXZEROBYTES},
-        {crypto_secretbox_BOXZEROBYTES, ?CRYPTO_SECRETBOX_BOXZEROBYTES},
+         {crypto_secretbox_ZEROBYTES, ?CRYPTO_SECRETBOX_ZEROBYTES},
-        {crypto_kx_SESSIONKEYBYTES, ?CRYPTO_KX_SESSIONKEYBYTES},
+         {crypto_secretbox_BOXZEROBYTES, ?CRYPTO_SECRETBOX_BOXZEROBYTES},
-        {crypto_kx_PUBLICKEYBYTES, ?CRYPTO_KX_PUBLICKEYBYTES},
+         {crypto_kx_SESSIONKEYBYTES, ?CRYPTO_KX_SESSIONKEYBYTES},
-        {crypto_kx_SECRETKEYBYTES, ?CRYPTO_KX_SECRETKEYBYTES}
+         {crypto_kx_PUBLICKEYBYTES, ?CRYPTO_KX_PUBLICKEYBYTES},
         {crypto_kx_SECRETKEYBYTES, ?CRYPTO_KX_SECRETKEYBYTES}
    ],
    run_verifiers(Verifiers).
@ -197,9 +198,9 @@ equals(X,Y) -> {X, '/=', Y}.
 %% <p>The currently selected primitive (Nov. 2014) is SHA-512</p>
 %% @end
 -spec hash(Data) -> Checksum
-  when Data :: iodata(),
+    when
-       Checksum :: binary().
+      Data :: iodata(),
-
+      Checksum :: binary().
 hash(Bin) ->
    case iolist_size(Bin) of
        K when K =< ?HASH_SIZE ->
@ -220,16 +221,20 @@ hash(Bin) ->
 %% <p>Verification returns a boolean. `true' if the strings match, `false' otherwise.</p>
 %% @end
 -spec verify_16(binary(), binary()) -> boolean().
-verify_16(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_16(X, Y);
+verify_16(X, Y) when is_binary(X), is_binary(Y) ->
-verify_16(_, _) -> error(badarg).
+    enacl_nif:crypto_verify_16(X, Y);
 verify_16(_, _) ->
    error(badarg).
 %% @doc verify_32/2 implements constant time 32-byte iolist() verification
 %%
 %% This function works as {@link verify_16/2} but does so on 32 byte strings. Same caveats apply.
 %% @end
 -spec verify_32(binary(), binary()) -> boolean().
-verify_32(X, Y) when is_binary(X), is_binary(Y) -> enacl_nif:crypto_verify_32(X, Y);
+verify_32(X, Y) when is_binary(X), is_binary(Y) ->
-verify_32(_, _) -> error(badarg).
+    enacl_nif:crypto_verify_32(X, Y);
 verify_32(_, _) ->
    error(badarg).
 %% @doc unsafe_memzero/1 ipmlements guaranteed zero'ing of binary data.
 %%
@ -239,8 +244,10 @@ verify_32(_, _) -> error(badarg).
 %% a running process without copies. This allows removing, eg, symmetric session keys. </p>
 %% @end
 -spec unsafe_memzero(binary()) -> atom().
-unsafe_memzero(X) when is_binary(X) -> enacl_nif:sodium_memzero(X);
+unsafe_memzero(X) when is_binary(X) ->
-unsafe_memzero(_) -> error(badarg).
+    enacl_nif:sodium_memzero(X);
 unsafe_memzero(_) ->
    error(badarg).
 %% Public Key Crypto
 %% ---------------------
@ -251,8 +258,8 @@ unsafe_memzero(_) -> error(badarg).
 %% @end.
 -spec box_keypair() -> #{ atom() => binary() }.
 box_keypair() ->
-  {PK, SK} = enacl_nif:crypto_box_keypair(),
+    {PK, SK} = enacl_nif:crypto_box_keypair(),
-  #{ public => PK, secret => SK}.
+    #{ public => PK, secret => SK}.
 %% @doc box/4 encrypts+authenticates a message to another party.
@ -261,11 +268,12 @@ box_keypair() ->
 %% authenticate yourself. Requires a `Nonce' in addition. Returns the ciphered message.
 %% @end
 -spec box(Msg, Nonce, PK, SK) -> CipherText
-  when Msg :: iodata(),
+    when
-       Nonce :: binary(),
+      Msg :: iodata(),
-       PK :: binary(),
+      Nonce :: binary(),
-       SK :: binary(),
+      PK :: binary(),
-       CipherText :: binary().
+      SK :: binary(),
      CipherText :: binary().
 box(Msg, Nonce, PK, SK) ->
    enacl_nif:crypto_box([?P_ZEROBYTES, Msg], Nonce, PK, SK).
@ -276,11 +284,12 @@ box(Msg, Nonce, PK, SK) ->
 %% message.
 %% @end
 -spec box_open(CipherText, Nonce, PK, SK) -> {ok, Msg} | {error, failed_verification}
-  when CipherText :: iodata(),
+    when
-       Nonce :: binary(),
+      CipherText :: iodata(),
-       PK :: binary(),
+      Nonce :: binary(),
-       SK :: binary(),
+      PK :: binary(),
-       Msg :: binary().
+      SK :: binary(),
      Msg :: binary().
 box_open(CipherText, Nonce, PK, SK) ->
    case enacl_nif:crypto_box_open([?P_BOXZEROBYTES, CipherText], Nonce, PK, SK) of
        {error, Err} -> {error, Err};
@ -305,16 +314,16 @@ box_beforenm(PK, SK) ->
 %% and thus is a much faster operation.
 %% @end
 -spec box_afternm(Msg, Nonce, K) -> CipherText
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    K :: binary(),
+      K :: binary(),
-    CipherText :: binary().
+      CipherText :: binary().
 box_afternm(Msg, Nonce, Key) ->
    case iolist_size(Msg) of
        K when K =< ?BOX_AFTERNM_SIZE ->
            bump(enacl_nif:crypto_box_afternm_b([?P_ZEROBYTES, Msg], Nonce, Key),
-              ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
+                 ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
        _ ->
            enacl_nif:crypto_box_afternm([?P_ZEROBYTES, Msg], Nonce, Key)
    end.
@ -326,24 +335,30 @@ box_afternm(Msg, Nonce, Key) ->
 %% computations in the elliptic curve Curve25519.
 %% @end
 -spec box_open_afternm(CT, Nonce, K) -> {ok, Msg} | {error, failed_verification}
-  when
+    when
-    CT :: binary(),
+      CT :: binary(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    K :: binary(),
+      K :: binary(),
-    Msg :: binary().
+      Msg :: binary().
 box_open_afternm(CipherText, Nonce, Key) ->
    case iolist_size(CipherText) of
        K when K =< ?BOX_AFTERNM_SIZE ->
-           R =
+            R =
-            case enacl_nif:crypto_box_open_afternm_b([?P_BOXZEROBYTES, CipherText], Nonce, Key) of
+                case enacl_nif:crypto_box_open_afternm_b(
-              {error, Err} -> {error, Err};
+                       [?P_BOXZEROBYTES, CipherText], Nonce, Key) of
-              Bin when is_binary(Bin) -> {ok, Bin}
+                    {error, Err} ->
-            end,
+                        {error, Err};
-           bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
+                    Bin when is_binary(Bin) ->
                        {ok, Bin}
                end,
            bump(R, ?BOX_AFTERNM_REDUCTIONS, ?BOX_AFTERNM_SIZE, K);
        _ ->
-            case enacl_nif:crypto_box_open_afternm([?P_BOXZEROBYTES, CipherText], Nonce, Key) of
+            case enacl_nif:crypto_box_open_afternm(
-              {error, Err} -> {error, Err};
+                   [?P_BOXZEROBYTES, CipherText], Nonce, Key) of
-              Bin when is_binary(Bin) -> {ok, Bin}
+                {error, Err} ->
                    {error, Err};
                Bin when is_binary(Bin) ->
                    {ok, Bin}
            end
    end.
@ -353,16 +368,16 @@ box_open_afternm(CipherText, Nonce, Key) ->
 %% @end.
 -spec box_nonce_size() -> pos_integer().
 box_nonce_size() ->
-  enacl_nif:crypto_box_NONCEBYTES().
+    enacl_nif:crypto_box_NONCEBYTES().
 %% @private
 -spec box_public_key_bytes() -> pos_integer().
 box_public_key_bytes() ->
-  enacl_nif:crypto_box_PUBLICKEYBYTES().
+    enacl_nif:crypto_box_PUBLICKEYBYTES().
 %% @private
 box_beforenm_bytes() ->
-  enacl_nif:crypto_box_BEFORENMBYTES().
+    enacl_nif:crypto_box_BEFORENMBYTES().
 %% Signatures
@ -388,10 +403,10 @@ sign_keypair() ->
 %% Given a message `M' and a secret key `SK' the function will sign the message and return a signed message `SM'.
 %% @end
 -spec sign(M, SK) -> SM
-  when
+    when
-    M :: iodata(),
+      M :: iodata(),
-    SK :: binary(),
+      SK :: binary(),
-    SM :: binary().
+      SM :: binary().
 sign(M, SK) ->
    enacl_nif:crypto_sign(M, SK).
@ -402,14 +417,14 @@ sign(M, SK) ->
 %% on the correctness of the signature.
 %% @end
 -spec sign_open(SM, PK) -> {ok, M} | {error, failed_verification}
-  when
+    when
-    SM :: iodata(),
+      SM :: iodata(),
-    PK :: binary(),
+      PK :: binary(),
-    M :: binary().
+      M :: binary().
 sign_open(SM, PK) ->
-   case enacl_nif:crypto_sign_open(SM, PK) of
+    case enacl_nif:crypto_sign_open(SM, PK) of
-       M when is_binary(M) -> {ok, M};
+        M when is_binary(M) -> {ok, M};
-       {error, Err} -> {error, Err}
+        {error, Err} -> {error, Err}
    end.
 %% @doc sign_detached/2 computes a digital signature given a message and a secret key.
@ -417,10 +432,10 @@ sign_open(SM, PK) ->
 %% Given a message `M' and a secret key `SK' the function will compute the digital signature `DS'.
 %% @end
 -spec sign_detached(M, SK) -> DS
-  when
+    when
-    M  :: iodata(),
+      M  :: iodata(),
-    SK :: binary(),
+      SK :: binary(),
-    DS :: binary().
+      DS :: binary().
 sign_detached(M, SK) ->
    enacl_nif:crypto_sign_detached(M, SK).
@ -430,10 +445,10 @@ sign_detached(M, SK) ->
 %% Given a signature `SIG', a message `M', and a public key `PK', the function computes
 %% true iff the `SIG' is valid for `M' and `PK'.
 -spec sign_verify_detached(SIG, M, PK) -> {ok, M} | {error, failed_verification}
-  when
+    when
-    SIG :: binary(),
+      SIG :: binary(),
-    M   :: iodata(),
+      M   :: iodata(),
-    PK  :: binary().
+      PK  :: binary().
 sign_verify_detached(SIG, M, PK) ->
    case enacl_nif:crypto_sign_verify_detached(SIG, M, PK) of
        true -> {ok, M};
@ -443,7 +458,7 @@ sign_verify_detached(SIG, M, PK) ->
 %% @private
 -spec box_secret_key_bytes() -> pos_integer().
 box_secret_key_bytes() ->
-  enacl_nif:crypto_box_SECRETKEYBYTES().
+    enacl_nif:crypto_box_SECRETKEYBYTES().
 %% @doc seal_box/2 encrypts an anonymous message to another party.
 %%
@ -452,9 +467,10 @@ box_secret_key_bytes() ->
 %% enciphered message `SealedCipherText' which includes ephemeral public key at head.
 %% @end
 -spec box_seal(Msg, PK) -> SealedCipherText
-  when Msg :: iodata(),
+    when
-       PK :: binary(),
+      Msg :: iodata(),
-       SealedCipherText :: binary().
+      PK :: binary(),
      SealedCipherText :: binary().
 box_seal(Msg, PK) ->
    enacl_nif:crypto_box_seal(Msg, PK).
@ -465,7 +481,8 @@ box_seal(Msg, PK) ->
 %% plaintext message.
 %% @end
 -spec box_seal_open(SealedCipherText, PK, SK) -> {ok, Msg} | {error, failed_verification}
-  when SealedCipherText :: iodata(),
+    when
      SealedCipherText :: iodata(),
      PK :: binary(),
      SK :: binary(),
      Msg :: binary().
@ -481,21 +498,20 @@ box_seal_open(SealedCipherText, PK, SK) ->
 %% nonce into consideration. The function returns the Box obtained from the encryption.
 %% @end
 -spec secretbox(Msg, Nonce, Key) -> Box
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    Key :: binary(),
+      Key :: binary(),
-    Box :: binary().
+      Box :: binary().
 secretbox(Msg, Nonce, Key) ->
    case iolist_size(Msg) of
        K when K =< ?SECRETBOX_SIZE ->
-          bump(enacl_nif:crypto_secretbox_b([?S_ZEROBYTES, Msg], Nonce, Key),
+            bump(enacl_nif:crypto_secretbox_b([?S_ZEROBYTES, Msg], Nonce, Key),
-               ?SECRETBOX_REDUCTIONS,
+                 ?SECRETBOX_REDUCTIONS,
-               ?SECRETBOX_SIZE,
+                 ?SECRETBOX_SIZE,
-               K);
+                 K);
        _ ->
-          enacl_nif:crypto_secretbox([?S_ZEROBYTES, Msg], Nonce, Key)
+            enacl_nif:crypto_secretbox([?S_ZEROBYTES, Msg], Nonce, Key)
    end.
 %% @doc secretbox_open/3 opens a sealed box.
 %%
@ -503,26 +519,26 @@ secretbox(Msg, Nonce, Key) ->
 %% to obtain the `Msg` within. Returns either `{ok, Msg}' or `{error, failed_verification}'.
 %% @end
 -spec secretbox_open(CipherText, Nonce, Key) -> {ok, Msg} | {error, failed_verification}
-  when
+    when
-    CipherText :: iodata(),
+      CipherText :: iodata(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    Key :: binary(),
+      Key :: binary(),
-    Msg :: binary().
+      Msg :: binary().
 secretbox_open(CipherText, Nonce, Key) ->
    case iolist_size(CipherText) of
        K when K =< ?SECRETBOX_SIZE ->
-          R = case enacl_nif:crypto_secretbox_open_b([?S_BOXZEROBYTES, CipherText],
+            R = case enacl_nif:crypto_secretbox_open_b([?S_BOXZEROBYTES, CipherText],
-                                                     Nonce, Key) of
+                                                       Nonce, Key) of
-                  {error, Err} -> {error, Err};
+                    {error, Err} -> {error, Err};
-                  Bin when is_binary(Bin) -> {ok, Bin}
+                    Bin when is_binary(Bin) -> {ok, Bin}
-              end,
+                end,
-          bump(R, ?SECRETBOX_OPEN_REDUCTIONS, ?SECRETBOX_SIZE, K);
+            bump(R, ?SECRETBOX_OPEN_REDUCTIONS, ?SECRETBOX_SIZE, K);
        _ ->
-          case enacl_nif:crypto_secretbox_open([?S_BOXZEROBYTES, CipherText], Nonce, Key) of
+            case enacl_nif:crypto_secretbox_open([?S_BOXZEROBYTES, CipherText], Nonce, Key) of
-              {error, Err} -> {error, Err};
+                {error, Err} -> {error, Err};
-              Bin when is_binary(Bin) -> {ok, Bin}
+                Bin when is_binary(Bin) -> {ok, Bin}
-          end
+            end
-   end.
+    end.
 %% @doc secretbox_nonce_size/0 returns the size of the secretbox nonce
 %%
@ -541,12 +557,14 @@ secretbox_key_size() ->
 %% @doc stream_chacha20_nonce_size/0 returns the byte size of the nonce for streams
 %% @end
 -spec stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
-stream_chacha20_nonce_size() -> ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
+stream_chacha20_nonce_size() ->
    ?CRYPTO_STREAM_CHACHA20_NONCEBYTES.
 %% @doc stream_key_size/0 returns the byte size of the key for streams
 %% @end
 -spec stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
-stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
+stream_chacha20_key_size() ->
    ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
 %% @doc stream_chacha20/3 produces a cryptographic stream suitable for secret-key encryption
 %%
@ -557,11 +575,11 @@ stream_chacha20_key_size() -> ?CRYPTO_STREAM_CHACHA20_KEYBYTES.
 %% the messages will have predictability which in turn makes the encryption scheme fail.</p>
 %% @end
 -spec stream_chacha20(Len, Nonce, Key) -> CryptoStream
-  when
+    when
-    Len :: non_neg_integer(),
+      Len :: non_neg_integer(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    Key :: binary(),
+      Key :: binary(),
-    CryptoStream :: binary().
+      CryptoStream :: binary().
 stream_chacha20(Len, Nonce, Key) when is_integer(Len), Len >= 0, Len =< ?STREAM_SIZE ->
    bump(enacl_nif:crypto_stream_chacha20_b(Len, Nonce, Key),
         ?STREAM_REDUCTIONS,
@ -577,31 +595,33 @@ stream_chacha20(_, _, _) -> error(badarg).
 %% caveat applies: the nonce must be new for each sent message or the system fails to work.
 %% @end
 -spec stream_chacha20_xor(Msg, Nonce, Key) -> CipherText
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    Key :: binary(),
+      Key :: binary(),
-    CipherText :: binary().
+      CipherText :: binary().
 stream_chacha20_xor(Msg, Nonce, Key) ->
    case iolist_size(Msg) of
-      K when K =< ?STREAM_SIZE ->
+        K when K =< ?STREAM_SIZE ->
-        bump(enacl_nif:crypto_stream_chacha20_xor_b(Msg, Nonce, Key),
+            bump(enacl_nif:crypto_stream_chacha20_xor_b(Msg, Nonce, Key),
-             ?STREAM_REDUCTIONS,
+                 ?STREAM_REDUCTIONS,
-             ?STREAM_SIZE,
+                 ?STREAM_SIZE,
-             K);
+                 K);
-      _ ->
+        _ ->
-        enacl_nif:crypto_stream_chacha20_xor(Msg, Nonce, Key)
+            enacl_nif:crypto_stream_chacha20_xor(Msg, Nonce, Key)
    end.
 %% @doc stream_nonce_size/0 returns the byte size of the nonce for streams
 %% @end
 -spec stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
-stream_nonce_size() -> ?CRYPTO_STREAM_NONCEBYTES.
+stream_nonce_size() ->
    ?CRYPTO_STREAM_NONCEBYTES.
 %% @doc stream_key_size/0 returns the byte size of the key for streams
 %% @end
 -spec stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
-stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
+stream_key_size() ->
    ?CRYPTO_STREAM_KEYBYTES.
 %% @doc stream/3 produces a cryptographic stream suitable for secret-key encryption
 %%
@ -612,11 +632,11 @@ stream_key_size() -> ?CRYPTO_STREAM_KEYBYTES.
 %% the messages will have predictability which in turn makes the encryption scheme fail.</p>
 %% @end
 -spec stream(Len, Nonce, Key) -> CryptoStream
-  when
+    when
-    Len :: non_neg_integer(),
+      Len :: non_neg_integer(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    Key :: binary(),
+      Key :: binary(),
-    CryptoStream :: binary().
+      CryptoStream :: binary().
 stream(Len, Nonce, Key) when is_integer(Len), Len >= 0, Len =< ?STREAM_SIZE ->
    bump(enacl_nif:crypto_stream_b(Len, Nonce, Key),
         ?STREAM_REDUCTIONS,
@ -632,31 +652,33 @@ stream(_, _, _) -> error(badarg).
 %% caveat applies: the nonce must be new for each sent message or the system fails to work.
 %% @end
 -spec stream_xor(Msg, Nonce, Key) -> CipherText
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Nonce :: binary(),
+      Nonce :: binary(),
-    Key :: binary(),
+      Key :: binary(),
-    CipherText :: binary().
+      CipherText :: binary().
 stream_xor(Msg, Nonce, Key) ->
    case iolist_size(Msg) of
-      K when K =< ?STREAM_SIZE ->
+        K when K =< ?STREAM_SIZE ->
-        bump(enacl_nif:crypto_stream_xor_b(Msg, Nonce, Key),
+            bump(enacl_nif:crypto_stream_xor_b(Msg, Nonce, Key),
-             ?STREAM_REDUCTIONS,
+                 ?STREAM_REDUCTIONS,
-             ?STREAM_SIZE,
+                 ?STREAM_SIZE,
-             K);
+                 K);
-      _ ->
+        _ ->
-        enacl_nif:crypto_stream_xor(Msg, Nonce, Key)
+            enacl_nif:crypto_stream_xor(Msg, Nonce, Key)
    end.
 %% @doc auth_key_size/0 returns the byte-size of the authentication key
 %% @end
 -spec auth_key_size() -> pos_integer().
-auth_key_size() -> enacl_nif:crypto_auth_KEYBYTES().
+auth_key_size() ->
    enacl_nif:crypto_auth_KEYBYTES().
 %% @doc auth_size/0 returns the byte-size of the authenticator
 %% @end
 -spec auth_size() -> pos_integer().
-auth_size() -> enacl_nif:crypto_auth_BYTES().
+auth_size() ->
    enacl_nif:crypto_auth_BYTES().
 %% @doc auth/2 produces an authenticator (MAC) for a message
 %%
@ -664,16 +686,16 @@ auth_size() -> enacl_nif:crypto_auth_BYTES().
 %% An eavesdropper will not learn anything extra about the message structure.
 %% @end
 -spec auth(Msg, Key) -> Authenticator
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Key :: binary(),
+      Key :: binary(),
-    Authenticator :: binary().
+      Authenticator :: binary().
 auth(Msg, Key) ->
-  case iolist_size(Msg) of
+    case iolist_size(Msg) of
-    K when K =< ?AUTH_SIZE ->
+      K when K =< ?AUTH_SIZE ->
-      bump(enacl_nif:crypto_auth_b(Msg, Key), ?AUTH_REDUCTIONS, ?AUTH_SIZE, K);
+          bump(enacl_nif:crypto_auth_b(Msg, Key), ?AUTH_REDUCTIONS, ?AUTH_SIZE, K);
-    _ ->
+      _ ->
-      enacl_nif:crypto_auth(Msg, Key)
+          enacl_nif:crypto_auth(Msg, Key)
  end.
 %% @doc auth_verify/3 verifies an authenticator for a message
@ -682,30 +704,32 @@ auth(Msg, Key) ->
 %% the value `true' if the verfication passes. Upon failure, the function returns `false'.
 %% @end
 -spec auth_verify(Authenticator, Msg, Key) -> boolean()
-  when
+    when
-    Authenticator :: binary(),
+      Authenticator :: binary(),
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Key :: binary().
+      Key :: binary().
 auth_verify(A, M, K) ->
    case iolist_size(M) of
-      K when K =< ?AUTH_SIZE ->
+        K when K =< ?AUTH_SIZE ->
-        bump(enacl_nif:crypto_auth_verify_b(A, M, K),
+            bump(enacl_nif:crypto_auth_verify_b(A, M, K),
-             ?AUTH_REDUCTIONS,
+                 ?AUTH_REDUCTIONS,
-             ?AUTH_SIZE,
+                 ?AUTH_SIZE,
-             K);
+                 K);
-      _ ->
+        _ ->
-        enacl_nif:crypto_auth_verify(A, M, K)
+            enacl_nif:crypto_auth_verify(A, M, K)
    end.
 %% @doc shorthash_key_size/0 returns the byte-size of the authentication key
 %% @end
 -spec shorthash_key_size() -> pos_integer().
-shorthash_key_size() -> enacl_nif:crypto_shorthash_KEYBYTES().
+shorthash_key_size() ->
    enacl_nif:crypto_shorthash_KEYBYTES().
 %% @doc shorthash_size/0 returns the byte-size of the authenticator
 %% @end
 -spec shorthash_size() -> pos_integer().
-shorthash_size() -> enacl_nif:crypto_shorthash_BYTES().
+shorthash_size() ->
    enacl_nif:crypto_shorthash_BYTES().
 %% @doc shorthash/2 produces a short authenticator (MAC) for a message suitable for hashtables and refs
 %%
@ -713,12 +737,12 @@ shorthash_size() -> enacl_nif:crypto_shorthash_BYTES().
 %% An eavesdropper will not learn anything extra about the message structure.
 %% @end
 -spec shorthash(Msg, Key) -> Authenticator
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Key :: binary(),
+      Key :: binary(),
-    Authenticator :: binary().
+      Authenticator :: binary().
 shorthash(Msg, Key) ->
-      enacl_nif:crypto_shorthash(Msg, Key).
+    enacl_nif:crypto_shorthash(Msg, Key).
 %% @doc onetime_auth/2 produces a ONE-TIME authenticator for a message
 %%
@ -726,19 +750,19 @@ shorthash(Msg, Key) ->
 %% `{Msg, Key}' is unique and only to be used once. The advantage is noticably faster execution.
 %% @end
 -spec onetime_auth(Msg, Key) -> Authenticator
-  when
+    when
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Key :: binary(),
+      Key :: binary(),
-    Authenticator :: binary().
+      Authenticator :: binary().
 onetime_auth(Msg, Key) ->
    case iolist_size(Msg) of
-      K when K =< ?ONETIME_AUTH_SIZE ->
+        K when K =< ?ONETIME_AUTH_SIZE ->
-        bump(enacl_nif:crypto_onetimeauth_b(Msg, Key),
+            bump(enacl_nif:crypto_onetimeauth_b(Msg, Key),
-             ?ONETIME_AUTH_REDUCTIONS,
+                 ?ONETIME_AUTH_REDUCTIONS,
-             ?ONETIME_AUTH_SIZE,
+                 ?ONETIME_AUTH_SIZE,
-             K);
+                 K);
-      _ ->
+        _ ->
-        enacl_nif:crypto_onetimeauth(Msg, Key)
+            enacl_nif:crypto_onetimeauth(Msg, Key)
    end.
 %% @doc onetime_auth_verify/3 verifies an ONE-TIME authenticator for a message
@ -748,30 +772,32 @@ onetime_auth(Msg, Key) ->
 %% applies: you are not allowed to ever use the same key again for another message.
 %% @end
 -spec onetime_auth_verify(Authenticator, Msg, Key) -> boolean()
-  when
+    when
-    Authenticator :: binary(),
+      Authenticator :: binary(),
-    Msg :: iodata(),
+      Msg :: iodata(),
-    Key :: binary().
+      Key :: binary().
 onetime_auth_verify(A, M, K) ->
    case iolist_size(M) of
-      K when K =< ?ONETIME_AUTH_SIZE ->
+        K when K =< ?ONETIME_AUTH_SIZE ->
-        bump(enacl_nif:crypto_onetimeauth_verify_b(A, M, K),
+            bump(enacl_nif:crypto_onetimeauth_verify_b(A, M, K),
-             ?ONETIME_AUTH_REDUCTIONS,
+                 ?ONETIME_AUTH_REDUCTIONS,
-             ?ONETIME_AUTH_SIZE,
+                 ?ONETIME_AUTH_SIZE,
-             K);
+                 K);
-      _ ->
+        _ ->
-        enacl_nif:crypto_onetimeauth_verify(A, M, K)
+            enacl_nif:crypto_onetimeauth_verify(A, M, K)
    end.
 %% @doc onetime_auth_size/0 returns the number of bytes of the one-time authenticator
 %% @end
 -spec onetime_auth_size() -> pos_integer().
-onetime_auth_size() -> enacl_nif:crypto_onetimeauth_BYTES().
+onetime_auth_size() ->
    enacl_nif:crypto_onetimeauth_BYTES().
 %% @doc onetime_auth_key_size/0 returns the byte-size of the onetime authentication key
 %% @end
 -spec onetime_auth_key_size() -> pos_integer().
-onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES().
+onetime_auth_key_size() ->
    enacl_nif:crypto_onetimeauth_KEYBYTES().
 %% Curve 25519 Crypto
 %% ------------------
@ -779,7 +805,7 @@ onetime_auth_key_size() -> enacl_nif:crypto_onetimeauth_KEYBYTES().
 %% @end.
 -spec curve25519_scalarmult(Secret :: binary(), BasePoint :: binary()) -> binary().
 curve25519_scalarmult(Secret, BasePoint) ->
-  enacl_nif:crypto_curve25519_scalarmult(Secret, BasePoint).
+    enacl_nif:crypto_curve25519_scalarmult(Secret, BasePoint).
 %% @doc curve25519_scalarmult/1 avoids messing up arguments.
 %% Takes as input a map `#{ secret := Secret, base_point := BasePoint }' in order to avoid
@ -797,34 +823,34 @@ curve25519_scalarmult(#{ secret := Secret, base_point := BasePoint }) ->
 %% @end
 -spec crypto_sign_ed25519_keypair() -> #{ atom() => binary() }.
 crypto_sign_ed25519_keypair() ->
-  {PK, SK} = enacl_nif:crypto_sign_ed25519_keypair(),
+    {PK, SK} = enacl_nif:crypto_sign_ed25519_keypair(),
-  #{ public => PK, secret => SK }.
+    #{ public => PK, secret => SK }.
 %% @doc crypto_sign_ed25519_public_to_curve25519/1 converts a given Ed 25519 public
 %% key to a Curve 25519 public key.
 %% @end
 -spec crypto_sign_ed25519_public_to_curve25519(PublicKey :: binary()) -> binary().
 crypto_sign_ed25519_public_to_curve25519(PublicKey) ->
-  R = enacl_nif:crypto_sign_ed25519_public_to_curve25519(PublicKey),
+    R = enacl_nif:crypto_sign_ed25519_public_to_curve25519(PublicKey),
-  erlang:bump_reductions(?ED25519_PUBLIC_TO_CURVE_REDS),
+    erlang:bump_reductions(?ED25519_PUBLIC_TO_CURVE_REDS),
-  R.
+    R.
 %% @doc crypto_sign_ed25519_secret_to_curve25519/1 converts a given Ed 25519 secret
 %% key to a Curve 25519 secret key.
 %% @end
 -spec crypto_sign_ed25519_secret_to_curve25519(SecretKey :: binary()) -> binary().
 crypto_sign_ed25519_secret_to_curve25519(SecretKey) ->
-  R = enacl_nif:crypto_sign_ed25519_secret_to_curve25519(SecretKey),
+    R = enacl_nif:crypto_sign_ed25519_secret_to_curve25519(SecretKey),
-  erlang:bump_reductions(?ED25519_SECRET_TO_CURVE_REDS),
+    erlang:bump_reductions(?ED25519_SECRET_TO_CURVE_REDS),
-  R.
+    R.
 -spec crypto_sign_ed25519_public_size() -> pos_integer().
 crypto_sign_ed25519_public_size() ->
-  enacl_nif:crypto_sign_ed25519_PUBLICKEYBYTES().
+    enacl_nif:crypto_sign_ed25519_PUBLICKEYBYTES().
 -spec crypto_sign_ed25519_secret_size() -> pos_integer().
 crypto_sign_ed25519_secret_size() ->
-  enacl_nif:crypto_sign_ed25519_SECRETKEYBYTES().
+    enacl_nif:crypto_sign_ed25519_SECRETKEYBYTES().
 %% Key exchange functions
 %% ----------------------
@ -835,8 +861,8 @@ crypto_sign_ed25519_secret_size() ->
 %% @end
 -spec kx_keypair() -> #{ atom() => binary() }.
 kx_keypair() ->
-  {PK, SK} = enacl_nif:crypto_kx_keypair(),
+    {PK, SK} = enacl_nif:crypto_kx_keypair(),
-  #{ public => PK, secret => SK}.
+    #{ public => PK, secret => SK}.
 %% @doc kx_client_session_keys/3 computes and returns shared keys for client session.
 %%
@ -846,13 +872,13 @@ kx_keypair() ->
 %% `client_tx' will by used by the client to send data to the server.</p>
 %% @end
 -spec kx_client_session_keys(ClientPk, ClientSk, ServerPk) -> #{ atom() => binary() }
-  when
+    when
-    ClientPk :: binary(),
+      ClientPk :: binary(),
-    ClientSk :: binary(),
+      ClientSk :: binary(),
-    ServerPk :: binary().
+      ServerPk :: binary().
 kx_client_session_keys(ClientPk, ClientSk, ServerPk) ->
-  {Rx, Tx} = enacl_nif:crypto_kx_client_session_keys(ClientPk, ClientSk, ServerPk),
+    {Rx, Tx} = enacl_nif:crypto_kx_client_session_keys(ClientPk, ClientSk, ServerPk),
-  #{ client_rx => Rx, client_tx => Tx}.
+    #{ client_rx => Rx, client_tx => Tx}.
 %% @doc kx_server_session_keys/3 computes and returns shared keys for server session.
 %% <p>Compute two shared keys using the client's public key `ClientPk'  and the server's secret key `ServerSk'.</p>
@ -861,31 +887,31 @@ kx_client_session_keys(ClientPk, ClientSk, ServerPk) ->
 %% `server_tx' will be used by the server to send data to the client.</p>
 %% @end
 -spec kx_server_session_keys(ServerPk, ServerSk, ClientPk) -> #{ atom() => binary() }
-  when
+    when
-    ServerPk :: binary(),
+      ServerPk :: binary(),
-    ServerSk :: binary(),
+      ServerSk :: binary(),
-    ClientPk :: binary().
+      ClientPk :: binary().
 kx_server_session_keys(ServerPk, ServerSk, ClientPk) ->
-  {Rx, Tx} = enacl_nif:crypto_kx_server_session_keys(ServerPk, ServerSk, ClientPk),
+    {Rx, Tx} = enacl_nif:crypto_kx_server_session_keys(ServerPk, ServerSk, ClientPk),
-  #{ server_rx => Rx, server_tx => Tx}.
+    #{ server_rx => Rx, server_tx => Tx}.
 %% @doc kx_session_key_size/0 returns the number of bytes of the generated during key exchange session key.
 %% @end
 -spec kx_session_key_size() -> pos_integer().
 kx_session_key_size() ->
-  enacl_nif:crypto_kx_SESSIONKEYBYTES().
+    enacl_nif:crypto_kx_SESSIONKEYBYTES().
 %% @doc kx_public_key_size/0 returns the number of bytes of the public key used in key exchange.
 %% @end
 -spec kx_public_key_size() -> pos_integer().
 kx_public_key_size() ->
-  enacl_nif:crypto_kx_PUBLICKEYBYTES().
+    enacl_nif:crypto_kx_PUBLICKEYBYTES().
 %% @doc kx_secret_key_size/0 returns the number of bytes of the secret key used in key exchange.
 %% @end
 -spec kx_secret_key_size() -> pos_integer().
 kx_secret_key_size() ->
-  enacl_nif:crypto_kx_SECRETKEYBYTES().
+    enacl_nif:crypto_kx_SECRETKEYBYTES().
 %% Obtaining random bytes
--- a/src/enacl_ext.erl
+++ b/src/enacl_ext.erl
@ -6,15 +6,15 @@
 -module(enacl_ext).
 -export([
-	scramble_block_16/2
+         scramble_block_16/2
-]).
+        ]).
 %% Curve25519
 -export([
-	curve25519_keypair/0,
+         curve25519_keypair/0,
-	curve25519_public_key/1,
+         curve25519_public_key/1,
-	curve25519_shared/2
+         curve25519_shared/2
-]).
+        ]).
 %% @doc scramble_block_16/2 scrambles (encrypt) a block under a given key
 %% The rules are that the block is 16 bytes and the key is 32 bytes. The block
--- a/src/enacl_nif.erl
+++ b/src/enacl_nif.erl
@ -5,144 +5,145 @@
 %% Public key auth
 -export([
-	crypto_box_BOXZEROBYTES/0,
+         crypto_box_BOXZEROBYTES/0,
-	crypto_box_NONCEBYTES/0,
+         crypto_box_NONCEBYTES/0,
-	crypto_box_PUBLICKEYBYTES/0,
+         crypto_box_PUBLICKEYBYTES/0,
-	crypto_box_SECRETKEYBYTES/0,
+         crypto_box_SECRETKEYBYTES/0,
-	crypto_box_ZEROBYTES/0,
+         crypto_box_ZEROBYTES/0,
-	crypto_box_BEFORENMBYTES/0,
+         crypto_box_BEFORENMBYTES/0,
-	crypto_box_keypair/0,
+         crypto_box_keypair/0,
-	crypto_box/4,
+         crypto_box/4,
-	crypto_box_open/4,
+         crypto_box_open/4,
-	crypto_box_beforenm/2,
+         crypto_box_beforenm/2,
-	crypto_box_afternm/3,
+         crypto_box_afternm/3,
-	crypto_box_afternm_b/3,
+         crypto_box_afternm_b/3,
-	crypto_box_open_afternm/3,
+         crypto_box_open_afternm/3,
-	crypto_box_open_afternm_b/3,
+         crypto_box_open_afternm_b/3,
-	crypto_sign_PUBLICKEYBYTES/0,
+         crypto_sign_PUBLICKEYBYTES/0,
-	crypto_sign_SECRETKEYBYTES/0,
+         crypto_sign_SECRETKEYBYTES/0,
-	crypto_sign_keypair/0,
+         crypto_sign_keypair/0,
-	crypto_sign/2,
+         crypto_sign/2,
-	crypto_sign_open/2,
+         crypto_sign_open/2,
-	crypto_sign_detached/2,
+         crypto_sign_detached/2,
-	crypto_sign_verify_detached/3,
+         crypto_sign_verify_detached/3,
 	crypto_box_seal/2,
 	crypto_box_seal_open/3,
 	crypto_box_SEALBYTES/0
         crypto_box_seal/2,
         crypto_box_seal_open/3,
         crypto_box_SEALBYTES/0
 ]).
 %% Secret key crypto
 -export([
-	crypto_secretbox_BOXZEROBYTES/0,
+         crypto_secretbox_BOXZEROBYTES/0,
-	crypto_secretbox_KEYBYTES/0,
+         crypto_secretbox_KEYBYTES/0,
-	crypto_secretbox_NONCEBYTES/0,
+         crypto_secretbox_NONCEBYTES/0,
-	crypto_secretbox_ZEROBYTES/0,
+         crypto_secretbox_ZEROBYTES/0,
-	crypto_secretbox/3,
+         crypto_secretbox/3,
-	crypto_secretbox_b/3,
+         crypto_secretbox_b/3,
-	crypto_secretbox_open/3,
+         crypto_secretbox_open/3,
-	crypto_secretbox_open_b/3,
+         crypto_secretbox_open_b/3,
-	crypto_stream_chacha20_KEYBYTES/0,
+         crypto_stream_chacha20_KEYBYTES/0,
-	crypto_stream_chacha20_NONCEBYTES/0,
+         crypto_stream_chacha20_NONCEBYTES/0,
-	crypto_stream_chacha20/3,
+         crypto_stream_chacha20/3,
-	crypto_stream_chacha20_b/3,
+         crypto_stream_chacha20_b/3,
-	crypto_stream_chacha20_xor/3,
+         crypto_stream_chacha20_xor/3,
-	crypto_stream_chacha20_xor_b/3,
+         crypto_stream_chacha20_xor_b/3,
-	crypto_stream_KEYBYTES/0,
+         crypto_stream_KEYBYTES/0,
-	crypto_stream_NONCEBYTES/0,
+         crypto_stream_NONCEBYTES/0,
-	crypto_stream/3,
+         crypto_stream/3,
-	crypto_stream_b/3,
+         crypto_stream_b/3,
-	crypto_stream_xor/3,
+         crypto_stream_xor/3,
-	crypto_stream_xor_b/3,
+         crypto_stream_xor_b/3,
-	crypto_auth_BYTES/0,
+         crypto_auth_BYTES/0,
-	crypto_auth_KEYBYTES/0,
+         crypto_auth_KEYBYTES/0,
-	crypto_auth/2,
+         crypto_auth/2,
-	crypto_auth_b/2,
+         crypto_auth_b/2,
-	crypto_auth_verify/3,
+         crypto_auth_verify/3,
-	crypto_auth_verify_b/3,
+         crypto_auth_verify_b/3,
-	crypto_shorthash_BYTES/0,
+         crypto_shorthash_BYTES/0,
-	crypto_shorthash_KEYBYTES/0,
+         crypto_shorthash_KEYBYTES/0,
-	crypto_shorthash/2,
+         crypto_shorthash/2,
-	crypto_onetimeauth_BYTES/0,
+         crypto_onetimeauth_BYTES/0,
-	crypto_onetimeauth_KEYBYTES/0,
+         crypto_onetimeauth_KEYBYTES/0,
-	crypto_onetimeauth/2,
+         crypto_onetimeauth/2,
-	crypto_onetimeauth_b/2,
+         crypto_onetimeauth_b/2,
-	crypto_onetimeauth_verify/3,
+         crypto_onetimeauth_verify/3,
-	crypto_onetimeauth_verify_b/3
+         crypto_onetimeauth_verify_b/3
-]).
+        ]).
 %% Curve25519
 -export([
-	crypto_curve25519_scalarmult/2
+         crypto_curve25519_scalarmult/2
-]).
+        ]).
 %% Ed 25519
 -export([
-	crypto_sign_ed25519_keypair/0,
+         crypto_sign_ed25519_keypair/0,
-	crypto_sign_ed25519_public_to_curve25519/1,
+         crypto_sign_ed25519_public_to_curve25519/1,
-	crypto_sign_ed25519_secret_to_curve25519/1,
+         crypto_sign_ed25519_secret_to_curve25519/1,
-	crypto_sign_ed25519_PUBLICKEYBYTES/0,
+         crypto_sign_ed25519_PUBLICKEYBYTES/0,
-	crypto_sign_ed25519_SECRETKEYBYTES/0
+         crypto_sign_ed25519_SECRETKEYBYTES/0
-]).
+        ]).
 %% Key exchange
 -export([
-  crypto_kx_keypair/0,
+         crypto_kx_keypair/0,
-  crypto_kx_server_session_keys/3,
+         crypto_kx_server_session_keys/3,
-  crypto_kx_client_session_keys/3,
+         crypto_kx_client_session_keys/3,
-  crypto_kx_SESSIONKEYBYTES/0,
+         crypto_kx_SESSIONKEYBYTES/0,
-  crypto_kx_PUBLICKEYBYTES/0,
+         crypto_kx_PUBLICKEYBYTES/0,
-  crypto_kx_SECRETKEYBYTES/0
+         crypto_kx_SECRETKEYBYTES/0
-]).
+        ]).
 %% Miscellaneous helper functions
 -export([
-	crypto_hash/1,
+         crypto_hash/1,
-	crypto_hash_b/1,
+         crypto_hash_b/1,
-	crypto_verify_16/2,
+         crypto_verify_16/2,
-	crypto_verify_32/2,
+         crypto_verify_32/2,
-	sodium_memzero/1
+         sodium_memzero/1
-]).
+        ]).
 %% Access to the RNG
 -export([
-	randombytes/1
+         randombytes/1
-]).
+        ]).
 %% Undocumented features :>
 -export([
-	scramble_block_16/2
+         scramble_block_16/2
-]).
+        ]).
 -on_load(init/0).
 init() ->
-	SoName = filename:join(
+    Dir = case code:priv_dir(enacl) of
-		case code:priv_dir(enacl) of
+              {error, bad_name} ->
-		    {error, bad_name} ->
+                  filename:join(
-		        filename:join(filename:dirname(filename:dirname(code:which(?MODULE))), "priv");
+                    filename:dirname(
-		    Dir ->
+                      filename:dirname(
-		        Dir
+                        code:which(?MODULE))), "priv");
-		end, atom_to_list(?MODULE)),
+              D -> D
          end,
 	SoName = filename:join(Dir, atom_to_list(?MODULE)),
 	erlang:load_nif(SoName, 0).
 crypto_box_NONCEBYTES() -> erlang:nif_error(nif_not_loaded).