timmc
commented
10 months ago Relatedly, it also might be wise to create subclasses of Key with names like SodiumBoxPublicKey. Even if the method is documented correctly, having everything be called Key makes it easy for a caller to mess up. (I'd be happy to submit a PR for this, as I've done something similar in my own use of lazysodium.)
DiffieHellman.Lazy.cryptoScalarMultaccepts parameters namedpublicKey, secretKey, but the underlying implementation expects the secret key first. If you use the documented argument order, key agreement doesn't work.https://github.com/terl/lazysodium-java/blob/64dc78554f45eb9b81e74354d61eba4e3da2452b/src/main/java/com/goterl/lazysodium/interfaces/DiffieHellman.java#L49