How to use the pysodium.crypto_secretbox_KEYBYTES function in pysodium

def test_crypto_secretbox_open(self):
        k = pysodium.randombytes(pysodium.crypto_secretbox_KEYBYTES)
        n = pysodium.randombytes(pysodium.crypto_secretbox_NONCEBYTES)
        c = pysodium.crypto_secretbox(b"howdy", n, k)
        pysodium.crypto_secretbox_open(c, n, k)

# provides a high level function to do encryption of files
    # infile specifies the filename of the input file,
    #        if '-' or not specified it uses stdin
    # outfile specifies the filename of the output file, if not specified
    #         it uses the same filename with '.pbp' appended
    # recipient specifies the name of the recipient for using public key crypto
    # self specifies the sender for signing the message using pk crypto
    # basedir provides a root for the keystores needed for pk crypto
    # if both self and recipient is specified pk crypto is used, otherwise symmetric
    # this function also handles buffering.
    fd = inputfd(infile)
    outfd = outputfd(outfile or (infile+'.pbp' if infile not in [None,'-'] else '-'))

    if recipient and self:
        # let's do public key encryption
        key = nacl.randombytes(nacl.crypto_secretbox_KEYBYTES)
        me = publickey.Identity(self, basedir=basedir)
        size = struct.pack('>H',len(recipient))
        # write out encrypted message key (nonce, c(key+recplen)) for each recipient
        for r in recipient:
            r = publickey.Identity(r, basedir=basedir, publicOnly=True)
            nonce = nacl.randombytes(nacl.crypto_box_NONCEBYTES)
            outfd.write(nonce)
            outfd.write(nacl.crypto_box(key+size, nonce, r.cp, me.cs))
        me.clear()
    else:
        # let's do symmetric crypto
        key = getkey(nacl.crypto_secretbox_KEYBYTES)

    buf = fd.read(BLOCK_SIZE)
    if buf:
        nonce, cipher = encrypt(buf, k=key)

def savesecretekey(self, ext, key):
        fname = get_sk_filename(self.basedir, self.name, ext)
        k = pbp.getkey(nacl.crypto_secretbox_KEYBYTES,
                       empty=True,
                       text='Master' if ext == 'mk' else 'Subkey')
        nonce = nacl.randombytes(nacl.crypto_secretbox_NONCEBYTES)
        with open(fname,'w') as fd:
            fd.write(nonce)
            fd.write(nacl.crypto_secretbox(key, nonce, k))

def encrypt(msg, pwd=None, k=None, nonce=None):
    # encrypts a message symmetrically using crypto_secretbox
    # k specifies an encryption key, which if not supplied, is derived from
    # pwd which is queried from the user, if also not specified.
    # returns a (nonce, ciphertext) tuple
    if nonce==None:
        nonce = nacl.randombytes(nacl.crypto_secretbox_NONCEBYTES)
    clearpwd = (pwd is None)
    cleark = (k is None)
    if not k:
        k = getkey(nacl.crypto_secretbox_KEYBYTES, pwd=pwd)
    ciphertext = nacl.crypto_secretbox(msg, nonce, k)
    if cleark and k:
        clearmem(k)
        k = None
    if clearpwd and pwd:
        clearmem(pwd)
        pwd = None
    return (nonce, ciphertext)

peer = publickey.Identity(peer, basedir=basedir, publicOnly=True)
        sender = None
        size = None
        i=0
        while i < (max_recipients if not size else size):
            i+=1
            rnonce = fd.read(nacl.crypto_box_NONCEBYTES)
            ct = fd.read(nacl.crypto_secretbox_KEYBYTES+2+nacl.crypto_secretbox_MACBYTES)
            if sender: continue
            for keys in ([peer] if peer else publickey.get_public_keys(basedir=basedir)):
                try:
                    tmp = nacl.crypto_box_open(ct, rnonce, keys.cp, me.cs)
                except ValueError:
                    continue

                key = tmp[:nacl.crypto_secretbox_KEYBYTES]
                size = struct.unpack('>H',tmp[nacl.crypto_secretbox_KEYBYTES:])[0]
                sender = keys.name
                break

        me.clear()
        if not sender:
            raise ValueError('decryption failed')
    # sym
    else:
        pwd = getpass.getpass('Passphrase for decrypting: ')
        key =  scrypt.hash(pwd, scrypt_salt)[:nacl.crypto_secretbox_KEYBYTES]
        sender = None
        clearmem(pwd)
        pwd=None

    if key:

def decrypt_with_user_pw(self, filename, pw_for):
        with file(filename) as fd:
            nonce = fd.read(nacl.crypto_secretbox_NONCEBYTES)
            prompt = 'Passphrase for decrypting {0} for {1}: '.format(pw_for, self.name)
            k = scrypt.hash(getpass.getpass(prompt), pbp.scrypt_salt)[:nacl.crypto_secretbox_KEYBYTES]
            return nacl.crypto_secretbox_open(fd.read(), nonce, k)

# update context
        if self.peer_pub != ('\0' * nacl.crypto_scalarmult_curve25519_BYTES):
            # calculate a new incoming key, and finish that DH, start a new for
            # outgoing keys.
            # only do this directly after receiving a packet, not on later sends
            # without receiving any acks before, we reset peer_pub to signal, that
            # an incoming request has been already once processed like this.
            self.e_in = nacl.randombytes(nacl.crypto_scalarmult_curve25519_BYTES)
            self.in_prev = self.in_k
            self.in_k = nacl.crypto_scalarmult_curve25519(self.e_in, self.peer_pub)
            self.peer_pub = ('\0' * nacl.crypto_scalarmult_curve25519_BYTES)

            # generate e_out
            self.e_out = nacl.randombytes(nacl.crypto_scalarmult_curve25519_BYTES)

        elif self.out_k == ('\0' * nacl.crypto_secretbox_KEYBYTES):
            # only for the very first packet necessary
            # we explicitly need to generate e_out
            self.e_out = nacl.randombytes(nacl.crypto_scalarmult_curve25519_BYTES)
        #else: # axolotlize
        #    print 'axolotl!'
        #    self.out_k = nacl.crypto_generichash(self.out_k,
        #                                         nacl.crypto_scalarmult_curve25519(self.me_id.cs, self.peer_id.cp),
        #                                         nacl.crypto_scalarmult_curve25519_BYTES)

        # compose packet
        dh1 = nacl.crypto_scalarmult_curve25519_base(self.e_out)
        dh2 = (nacl.crypto_scalarmult_curve25519_base(self.e_in)
               if self.e_in != ('\0' * nacl.crypto_scalarmult_curve25519_BYTES)
               else ('\0' * nacl.crypto_scalarmult_curve25519_BYTES))
        plain = ''.join((dh1, dh2, plain))

def decrypt(pkt, pwd=None, k=None, retries=3):
    # decrypts a message symmetrically using crypto_secretbox
    # pkt is a (nonce, ciphertext) tuple
    # k specifies an encryption key, which if not supplied, is derived from
    # pwd which is queried from the user, if also not specified.
    clearpwd = (pwd is None)
    cleark = (k is None)
    cnt=0
    res = None
    while cnt

if not os.path.exists(keyfname):
            return self
        if not self.me_id:
            self.me_id = publickey.Identity(self.me, basedir=self.basedir)
        with open(keyfname,'r') as fd:
            nonce = fd.read(nacl.crypto_box_NONCEBYTES)
            plain =  nacl.crypto_box_open(fd.read(), nonce, self.me_id.cp, self.me_id.cs)
        c=nacl.crypto_scalarmult_curve25519_BYTES
        i=0
        self.e_in     = plain[:c]
        i+=c
        self.e_out    = plain[i:i+c]
        i+=c
        self.peer_pub = plain[i:i+c]
        i+=c
        c=nacl.crypto_secretbox_KEYBYTES
        self.out_k    = plain[i:i+c]
        i+=c
        self.in_k     = plain[i:i+c]
        i+=c
        self.in_prev  = plain[i:i+c]