Make Sodium::SecretBox#key public.

README.md

@@ -112,20 +112,6 @@ dependencies:
 See `examples` for help on using these classes in a complete application.
 
 The `specs` provide the best examples of how to use or misuse individual classes.
-
-
-
-You may call `.close` on any object that retains keying material to wipe it's key(s) earlier.
-Objects with a  `.close` method also respond to `Class.open` and wipe when the block returns.
-
-```crystal
-# TODO
-Sodium::CryptoBox::SecretKey.open(sec_key, pub_key) do |secret_key|
- ... Do crypto operations ...
-end
-# sec_key is wiped
-# public keys aren't wiped.
-
 ```
 
 ### CryptoBox authenticated easy encryption

src/sodium/cipher/aead/chalsa.cr

@@ -4,18 +4,21 @@ require "../../nonce"
 
 module Sodium::Cipher::Aead
   abstract class Chalsa
-    @key : SecureBuffer
+    # Encryption key
+    getter key : SecureBuffer
 
     # Initializes with a new random key.
     def initialize
       @key = SecureBuffer.random key_size
     end
 
-    def initialize(@key : Securebuffer)
+    # Initializes with a reference to an existing ky.
+    def initialize(@key : SecureBuffer)
       raise ArgumentError.new("key size mismatch, got #{@key.bytesize}, wanted #{key_size}") if @key.bytesize != key_size
       @key.readonly
     end
 
+    # Initializes copying the key to a `SecureBuffer`.
     def initialize(bytes : Bytes, erase = false)
       raise ArgumentError.new("key size mismatch, got #{bytes.bytesize}, wanted #{key_size}") if bytes.bytesize != key_size
       @key = SecureBuffer.new bytes, erase: erase

src/sodium/secret_box.cr

@@ -22,6 +22,9 @@ module Sodium
     # Returns key
     delegate to_slice, to: @key
 
+    # Encryption key
+    getter key : SecureBuffer
+
     # Generate a new random key held in a SecureBuffer.
     def initialize
       @key = SecureBuffer.random KEY_SIZE