From a1706055e1ccf03404fba0cb3054bc826a043f30 Mon Sep 17 00:00:00 2001
From: Didactic Drunk <1479616+didactic-drunk@users.noreply.github.com>
Date: Mon, 21 Jun 2021 02:53:06 -0700
Subject: [PATCH] Internal switch to Crypto::Secret

---
 src/sodium/crypto_box.cr | 6 ++++--
 src/sodium/kdf.cr        | 4 ++--
 src/sodium/secret_box.cr | 4 ++--
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/sodium/crypto_box.cr b/src/sodium/crypto_box.cr
index 8a10996..e24f13d 100644
--- a/src/sodium/crypto_box.cr
+++ b/src/sodium/crypto_box.cr
@@ -22,8 +22,10 @@ module Sodium
       # Precalculate key for later use.
       # Large speed gains with small data sizes and many messages.
       # Small speed gains with large data sizes or few messages.
-      if LibSodium.crypto_box_beforenm(@key, @public_key.to_slice, @secret_key.to_slice) != 0
-        raise Error.new("crypto_box_beforenm")
+      @secret_key.key.readonly do |skslice|
+        if LibSodium.crypto_box_beforenm(@key, @public_key.to_slice, skslice) != 0
+          raise Error.new("crypto_box_beforenm")
+        end
       end
     end
 
diff --git a/src/sodium/kdf.cr b/src/sodium/kdf.cr
index 1be3e90..e922088 100644
--- a/src/sodium/kdf.cr
+++ b/src/sodium/kdf.cr
@@ -82,8 +82,8 @@ module Sodium
 
       subkey = SecureBuffer.new subkey_size
       subkey.readwrite do |sub_slice|
-        @sbuf.readonly do
-          if (ret = LibSodium.crypto_kdf_derive_from_key(sub_slice, sub_slice.bytesize, subkey_id, context, self.to_slice)) != 0
+        @sbuf.readonly do |sslice|
+          if (ret = LibSodium.crypto_kdf_derive_from_key(sub_slice, sub_slice.bytesize, subkey_id, context, sslice)) != 0
             raise Sodium::Error.new("crypto_kdf_derive_from_key returned #{ret} (subkey size is probably out of range)")
           end
         end
diff --git a/src/sodium/secret_box.cr b/src/sodium/secret_box.cr
index 9cca6ab..343adbc 100644
--- a/src/sodium/secret_box.cr
+++ b/src/sodium/secret_box.cr
@@ -63,8 +63,8 @@ module Sodium
       nonce ||= Nonce.random
 
       nonce.used!
-      r = @key.readonly do
-        LibSodium.crypto_secretbox_easy(dst, src, src.bytesize, nonce.to_slice, @key)
+      r = @key.readonly do |kslice|
+        LibSodium.crypto_secretbox_easy(dst, src, src.bytesize, nonce.to_slice, kslice)
       end
       raise Sodium::Error.new("crypto_secretbox_easy") if r != 0
       {dst, nonce}