Squashed commit of the following:

commit 942aed8a4e7c173a2c9423829c2b38087cbd49e4
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Aug 6 20:54:03 2024 -0400

    chore: update changelog and mbedtls headers

commit 3b97f84fd0477eafcd6567eb8597b213e4136664
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Aug 6 19:57:10 2024 -0400

    update libsecp256k1 to v0.5.1

commit 7989a2660997b909e0b99fc1dfb3bcfbb0528df3
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Aug 6 19:42:25 2024 -0400

    update openssl to 3.3.1

commit e949ae5aa1fd25d4d11fe31e30b7d82ae7778dc2
Author: vnugent <public@vaughnnugent.com>
Date:   Mon Aug 5 18:01:03 2024 -0400

    fix: Find and fix openssl encryption bug

commit a60a3e1ca1d99d655c0cfc96e3952c371e8a8677
Author: vnugent <public@vaughnnugent.com>
Date:   Sun Aug 4 15:27:06 2024 -0400

    cleanup comments + return codes

commit 2aa7f4b6cdb2e0e8990e7177476f4104fd2e2b17
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Jul 27 22:20:53 2024 -0400

    fix codeberg url

commit 1640f79776c6b291b49a39a6128c05888fc4153e
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Jul 27 00:05:07 2024 -0400

    fix: Potential overflow in nip44 padding calculation

commit 07de078a3b5b7b0043d9f81bb5a9e750a3a0c7c1
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Jul 26 23:37:15 2024 -0400

    refactor: Span invasion, checks and fix some evp api

commit 54f520e4bfc0fe23e2719d44b09739aa8709451c
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Jul 23 19:55:13 2024 -0400

    latest changes

commit 12feb33dba2061415d6f39fa59dec16fafcda2a0
Author: vnugent <public@vaughnnugent.com>
Date:   Sun Jul 21 17:51:04 2024 -0400

    Push latest changes, patches, and internal upgrades

commit ffe42b6858f112a00405be4f0605ab1163063749
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Jul 13 22:13:13 2024 -0400

    test: Add decryption test cases and fixes

commit 5dfafbc5a9214587533ec8b1dae2a962118d3650
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Jul 12 22:14:00 2024 -0400

    feat: add decryption functionality to public api

commit 8df8c5aed4ac626171b451b5422c3b207e88000b
Author: vnugent <public@vaughnnugent.com>
Date:   Thu Jul 11 21:39:39 2024 -0400

    feat: Update sidecar utils library

commit 23fe6e8c8596333c2183f0f4389817087442c551
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Jul 5 00:03:48 2024 -0400

    push latest utils and changes

commit dc71f861df8929deee300368b88ef47d45560695
Author: vnugent <public@vaughnnugent.com>
Date:   Mon Jul 1 15:05:34 2024 -0400

    fix: #7 fix confusing inline functions

commit 90166048046d2511f0bb74f8880180e82466d4c0
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Jun 18 21:22:37 2024 -0400

    push pending changes

commit 461dd71069d0c0250752ac1256160605c33a6243
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Jun 11 15:44:28 2024 -0400

    feat!: #4 Close #4. Add public nip04 support to api

commit a74f96251bcc81fb2c94fe75dd6f8043fd35fe0b
Merge: 1c26ef8 51d0aff
Author: vnugent <public@vaughnnugent.com>
Date:   Wed May 29 13:37:00 2024 -0400

    Merge branch 'master' into develop

commit 1c26ef86a04690120f4f752c7c5018a570ec5880
Author: vnugent <public@vaughnnugent.com>
Date:   Wed May 29 13:34:20 2024 -0400

    missed extra argument

commit 88c9095743a12cf8fc1793c607ba3a1e4fa86483
Author: vnugent <public@vaughnnugent.com>
Date:   Wed May 29 13:25:51 2024 -0400

    refactor!: return NC_SUCCESS when validating secret key

commit 718be80a4810b9352de7eb0707da54020aa6b649
Author: vnugent <public@vaughnnugent.com>
Date:   Mon May 27 14:52:41 2024 -0400

    fix: Properly build mbedtls & cmake fixes

commit a8a6efb2319f739e5faae550561dc27d9dd1e88d
Author: vnugent <public@vaughnnugent.com>
Date:   Sun May 26 17:39:40 2024 -0400

    chore: Update libs, reorder files, internalize private headers

commit 72e1b7be4031e2fd4d258fcf434ad049c0029201
Author: vnugent <public@vaughnnugent.com>
Date:   Sun May 26 13:39:08 2024 -0400

    fix: Add c++ extern prototypes in noscrypt.h

commit aeaac8d328b75911541be64d6f09d58fca294a08
Author: vnugent <public@vaughnnugent.com>
Date:   Sun May 26 11:47:17 2024 -0400

    refactor: Dep update, openssl chacha20 added

commit 86b02540cce6015cfe4a2a56499a9a2f45d4e368
Author: vnugent <public@vaughnnugent.com>
Date:   Sat May 18 12:24:17 2024 -0400

    refactor: Remove NCContext structure definition

commit d09d9330415d463ca19be9394b02ce11b3366f7e
Author: vnugent <public@vaughnnugent.com>
Date:   Mon May 13 22:33:50 2024 -0400

    fix: update mbedtls inline issue includes

commit 7838cb4bb15d4f453f92f56ece75e2b03986fe42
Author: vnugent <public@vaughnnugent.com>
Date:   Mon May 13 22:29:16 2024 -0400

    fix: force fPIC for secp256k1 targets

commit d76f7708bc6ae81a638ca708230ac9153ac754e2
Merge: aa8033d a526139
Author: vnugent <public@vaughnnugent.com>
Date:   Sun May 12 00:37:01 2024 -0400

    Merge branch 'master' into develop

commit aa8033d4dbfebeb72b6fd7a0cd218ebde0eb54dd
Author: vnugent <public@vaughnnugent.com>
Date:   Sun May 12 00:34:20 2024 -0400

    Final overview and test before tag

commit 4e3ead2cf1d3068e77f0959dfdc17e20e9102a0f
Merge: 2cee801 872c49d
Author: vnugent <public@vaughnnugent.com>
Date:   Mon May 6 22:08:09 2024 -0400

    Merge branch 'master' into develop

commit 2cee801979bfbcb3b0e53f592ce8c779b57cb679
Author: vnugent <public@vaughnnugent.com>
Date:   Mon May 6 22:02:39 2024 -0400

    Ensure static and dynamic libs get same args

commit f533694023133552d0d42933d779c95a5854343f
Author: vnugent <public@vaughnnugent.com>
Date:   Mon May 6 21:50:29 2024 -0400

    feat: CMake install & fetch-content test & updates

commit 940ff20348b13d0bc30d9e9f4289dd6de20b16ba
Author: vnugent <public@vaughnnugent.com>
Date:   Sun May 5 14:07:28 2024 -0400

    codeberg readonly push

commit b34ed055c0b7d143561ce8798e0a95313b9224bd
Merge: 0a40e20 e737556
Author: vnugent <public@vaughnnugent.com>
Date:   Sat May 4 14:06:45 2024 -0400

    Merge branch 'master' into develop

commit 0a40e209d03e8ff9b6f81cd5969d3e845c633bfc
Author: vnugent <public@vaughnnugent.com>
Date:   Sat May 4 13:55:19 2024 -0400

    ci: Force disable testing for win ci builds

commit 55fae189fffc86f07a3448370f0a746670819712
Author: vnugent <public@vaughnnugent.com>
Date:   Thu May 2 21:54:35 2024 -0400

    feat: Working and tested openssl impl & defaults

commit 6ff8bb11774c51fd341b7699a3938fd894995fbf
Author: vnugent <public@vaughnnugent.com>
Date:   Thu Apr 25 17:45:42 2024 -0400

    refactor: Finish support and testing for mbedtls

commit 7cb7a93de4f6f5e741bc5129e3d928e44f050930
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Apr 23 18:19:31 2024 -0400

    refactor!: MbedTLS on Windows, switch to uint32

commit 30e8dda6cbea86bdee6d5dfe48514385d3b9f81b
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Apr 23 14:48:05 2024 -0400

    refactor: Crypto dep redesign working on Windows

commit d09c6c1bd5da3e2d79351daeba304ca99976a726
Author: vnugent <public@vaughnnugent.com>
Date:   Thu Apr 18 00:28:51 2024 -0400

    refactor!: Pushing what I have to dev

commit 54e06ada7d624ed0d28c6a6db04a149708841bf8
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Apr 13 01:24:00 2024 -0400

    fix: convert constants to hex, inline macro, ParseErrorCode

commit 4215e3100d9a0d23119080d09638fa5b60d0c6d4
Merge: d3328f4 7485aa5
Author: vnugent <public@vaughnnugent.com>
Date:   Wed Apr 3 18:26:30 2024 -0400

    Merge branch 'master' into develop

commit d3328f4152b22b28f24c43dda62464287f1efff5
Author: vnugent <public@vaughnnugent.com>
Date:   Wed Apr 3 18:22:56 2024 -0400

    build: Included dependency and versions in client builds

commit b11bc0bac955fd5c6db65f0da48456bf5e748805
Author: vnugent <public@vaughnnugent.com>
Date:   Wed Apr 3 18:10:08 2024 -0400

    fix: Fix c89 compatabilty comments and struct assignment

commit 9915bd41799a72413e6b400e150aa9f5fa797e25
Merge: 8e3d6ea 5184d7d
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Mar 30 09:57:30 2024 -0400

    Merge branch 'master' into develop

commit 8e3d6ea5e3c83fe42cb904b6ccc4fe2b73f76aae
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Mar 30 09:52:55 2024 -0400

    refactor!: Some api (struct) changes and updated tests

commit e88e8420520204e20802516f01d4488bb0b1d6ea
Merge: 490dfee 21f6c0a
Author: vnugent <public@vaughnnugent.com>
Date:   Sun Mar 3 15:02:34 2024 -0500

    Merge branch 'master' into develop

commit 490dfee4ef22479009627435c6ad728c3cbbab54
Author: vnugent <public@vaughnnugent.com>
Date:   Sun Mar 3 14:59:25 2024 -0500

    test: #3 tests for encryption/description and Macs

commit efa97490b7ed47f4e2f05bee52e2b33e14e439e6
Merge: 1b84e3c 120022a
Author: vnugent <public@vaughnnugent.com>
Date:   Sun Mar 3 14:55:48 2024 -0500

    merge master

commit 1b84e3c7c2e55b1ff9ffdd09b66873e11c131441
Author: vnugent <public@vaughnnugent.com>
Date:   Sat Mar 2 22:57:36 2024 -0500

    fix: #2 constent usage of sizeof() operator on struct types

commit 9de5a214c66adea0ef2d0bac63c59449de202a88
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Mar 1 14:30:36 2024 -0500

    perf: avoid nc_key struct copy, cast and verify instead

commit b917b761120ed684af28d0707673ffadcf14b8fe
Author: vnugent <public@vaughnnugent.com>
Date:   Mon Feb 12 22:06:50 2024 -0500

    fix: found the constant time memcompare function

commit 9f85fff3b9f25da7410569ea94f994b88feb3910
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Feb 9 22:48:35 2024 -0500

    feat: added/update MAC functions to sign or verify nip44 payload

commit aa5113741bb419b02d6ea416bba571fa3d65db46
Author: vnugent <public@vaughnnugent.com>
Date:   Wed Feb 7 01:37:53 2024 -0500

    add missing hmac-key output buffer

commit 55f47d22cc9ce4d1e22b70814d608c7ef3b1bbc9
Author: vnugent <public@vaughnnugent.com>
Date:   Sun Feb 4 21:08:13 2024 -0500

    simple bug fixes, and public api argument validation tests

commit 73c5a713fb164ae8b4ac8a891a8020e08eae0a3b
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Feb 2 23:05:48 2024 -0500

    update api to return secpvalidate return code instead of internal return codes

commit 06c73004e1a39a7ea4ea3a89c22dee0f66adb236
Author: vnugent <public@vaughnnugent.com>
Date:   Fri Feb 2 19:25:17 2024 -0500

    change to lgpl license

commit 6e79fdb3b6b6739fc7797d47e55a7691306cf736
Author: vnugent <public@vaughnnugent.com>
Date:   Wed Jan 31 21:30:49 2024 -0500

    move validation macros, and optionally disable them

commit ac1e58837f1ba687939f78b5c03cadd346c10ddd
Author: vnugent <public@vaughnnugent.com>
Date:   Tue Jan 30 12:25:05 2024 -0500

    couple more tests, renable range checks, set flags for all projects

1 files changed, 268 insertions, 60 deletions

diff --git a/src/noscrypt.c b/src/noscrypt.c
index f1aabd4..deadca6 100644
--- a/src/noscrypt.c
+++ b/src/noscrypt.c
@@ -32,10 +32,6 @@
 */
 #define ZERO_FILL(x, size) ncCryptoSecureZero(x, size) 
 
-/* Include string for memmove */
-#include <string.h>
-#define MEMMOV(dst, src, size) memmove(dst, src, size)
-
 /*
 * Validation macros
 */
@@ -44,7 +40,6 @@
 	#define CHECK_INVALID_ARG(x, argPos) if(x == NULL) return NCResultWithArgPosition(E_INVALID_ARG, argPos);
 	#define CHECK_NULL_ARG(x, argPos) if(x == NULL) return NCResultWithArgPosition(E_NULL_PTR, argPos);
 	#define CHECK_ARG_RANGE(x, min, max, argPos) if(x < min || x > max) return NCResultWithArgPosition(E_ARGUMENT_OUT_OF_RANGE, argPos);
-	#define CHECK_CONTEXT_STATE(ctx, argPos) CHECK_INVALID_ARG(ctx->secpCtx, argPos)
 #else
 	/* empty macros */
 	#define CHECK_INVALID_ARG(x)
@@ -52,6 +47,8 @@
 	#define CHECK_ARG_RANGE(x, min, max, argPos) 
 #endif /* !NC_DISABLE_INPUT_VALIDATION */
 
+#define CHECK_CONTEXT_STATE(ctx, argPos) CHECK_INVALID_ARG(ctx->secpCtx, argPos)
+
 /*
 * Actual, private defintion of the NCContext structure 
 * to allow for future development and ABI backords 
@@ -247,7 +244,9 @@ static _nc_fn_inline NCResult _computeConversationKey(
 	ncSpanInitC(&saltSpan, Nip44ConstantSalt, sizeof(Nip44ConstantSalt));
 	ncSpanInitC(&ikmSpan, sharedSecret->value, NC_SHARED_SEC_SIZE);
 	
-	return ncCryptoSha256HkdfExtract(&saltSpan, &ikmSpan, ck->value) == CSTATUS_OK ? NC_SUCCESS : E_OPERATION_FAILED;
+	return ncCryptoSha256HkdfExtract(saltSpan, ikmSpan, ck->value) == CSTATUS_OK 
+		? NC_SUCCESS 
+		: E_OPERATION_FAILED;
 }
 
 
@@ -275,14 +274,13 @@ static cstatus_t _chachaEncipher(const struct nc_expand_keys* keys, NCEncryption
 
 static _nc_fn_inline cstatus_t _getMessageKey(
 	const struct conversation_key* converstationKey, 
-	const cspan_t* nonce,
+	cspan_t nonce,
 	struct message_key* messageKey
 )
 {
 	cspan_t prkSpan;
 	span_t okmSpan;
 
-	DEBUG_ASSERT2(nonce != NULL, "Expected valid nonce buffer")
 	DEBUG_ASSERT2(converstationKey != NULL, "Expected valid conversation key")
 	DEBUG_ASSERT2(messageKey != NULL, "Expected valid message key buffer")
 
@@ -290,10 +288,10 @@ static _nc_fn_inline cstatus_t _getMessageKey(
 	ncSpanInit(&okmSpan, messageKey->value, sizeof(struct message_key));				/* Output produces a message key (write it directly to struct memory) */
 	
 	/* Nonce is the info */
-	return ncCryptoSha256HkdfExpand(&prkSpan, nonce, &okmSpan);
+	return ncCryptoSha256HkdfExpand(prkSpan, nonce, okmSpan);
 }
 
-static _nc_fn_inline NCResult _encryptEx(
+static _nc_fn_inline NCResult _encryptNip44Ex(
 	const NCContext* ctx, 
 	const struct conversation_key* ck, 
 	uint8_t* hmacKey,
@@ -312,10 +310,10 @@ static _nc_fn_inline NCResult _encryptEx(
 
 	result = NC_SUCCESS;
 
-	ncSpanInitC(&nonceSpan, args->nonce32, NC_ENCRYPTION_NONCE_SIZE);
+	ncSpanInitC(&nonceSpan, args->nonceData, NC_ENCRYPTION_NONCE_SIZE);
 	
 	/* Message key will be derrived on every encryption call */
-	if (_getMessageKey(ck, &nonceSpan, &messageKey) != CSTATUS_OK)
+	if (_getMessageKey(ck, nonceSpan, &messageKey) != CSTATUS_OK)
 	{
 		result = E_OPERATION_FAILED;
 		goto Cleanup;
@@ -339,7 +337,7 @@ Cleanup:
 	return result;
 }
 
-static _nc_fn_inline NCResult _decryptEx(const NCContext* ctx, const struct conversation_key* ck, NCEncryptionArgs* args)
+static _nc_fn_inline NCResult _decryptNip44Ex(const NCContext* ctx, const struct conversation_key* ck, NCEncryptionArgs* args)
 {
 	NCResult result;
 	cspan_t nonceSpan;
@@ -352,9 +350,9 @@ static _nc_fn_inline NCResult _decryptEx(const NCContext* ctx, const struct conv
 
 	result = NC_SUCCESS;
 
-	ncSpanInitC(&nonceSpan, args->nonce32, NC_ENCRYPTION_NONCE_SIZE);
+	ncSpanInitC(&nonceSpan, args->nonceData, NC_ENCRYPTION_NONCE_SIZE);
 	
-	if (_getMessageKey(ck, &nonceSpan, &messageKey) != CSTATUS_OK)
+	if (_getMessageKey(ck, nonceSpan, &messageKey) != CSTATUS_OK)
 	{
 		result = E_OPERATION_FAILED;
 		goto Cleanup;
@@ -375,17 +373,16 @@ Cleanup:
 	return result;
 }
 
-static _nc_fn_inline cstatus_t _computeHmac(const uint8_t key[NC_HMAC_KEY_SIZE], const cspan_t* payload, sha256_t hmacOut)
+static _nc_fn_inline cstatus_t _computeHmac(const uint8_t key[NC_HMAC_KEY_SIZE], cspan_t payload, sha256_t hmacOut)
 {
 	cspan_t keySpan;
 
 	DEBUG_ASSERT2(key != NULL,		"Expected valid hmac key")
-	DEBUG_ASSERT2(payload != NULL,	"Expected valid mac verification args")
 	DEBUG_ASSERT2(hmacOut != NULL,	"Expected valid hmac output buffer")
 
 	ncSpanInitC(&keySpan, key, NC_HMAC_KEY_SIZE);
 
-	return ncCryptoHmacSha256(&keySpan, payload, hmacOut);
+	return ncCryptoHmacSha256(keySpan, payload, hmacOut);
 }
 
 static NCResult _verifyMacEx(
@@ -411,7 +408,7 @@ static NCResult _verifyMacEx(
 	* Message key is again required for the hmac verification
 	*/
 
-	if (_getMessageKey((struct conversation_key*)conversationKey, &nonceSpan, &messageKey) != CSTATUS_OK)
+	if (_getMessageKey((struct conversation_key*)conversationKey, nonceSpan, &messageKey) != CSTATUS_OK)
 	{
 		result = E_OPERATION_FAILED;
 		goto Cleanup;
@@ -423,7 +420,7 @@ static NCResult _verifyMacEx(
 	/*
 	* Compute the hmac of the data using the computed hmac key
 	*/
-	if (_computeHmac(keys->hmac_key, &payloadSpan, hmacOut) != CSTATUS_OK)
+	if (_computeHmac(keys->hmac_key, payloadSpan, hmacOut) != CSTATUS_OK)
 	{
 		result = E_OPERATION_FAILED;
 		goto Cleanup;
@@ -442,6 +439,40 @@ Cleanup:
 /*
 * EXTERNAL API FUNCTIONS
 */
+
+
+NC_EXPORT NCResult NC_CC NCResultWithArgPosition(NCResult err, uint8_t argPosition)
+{
+	return -(((NCResult)argPosition << NC_ARG_POSITION_OFFSET) | -err);
+}
+
+NC_EXPORT int NC_CC NCParseErrorCode(NCResult result, uint8_t* argPositionOut)
+{
+	NCResult asPositive;
+	int code;
+
+	/* convert result to a positive value*/
+	asPositive = -result;
+
+	/* Get the error code from the lower 8 bits and the argument position from the upper 8 bits*/
+	code = -(asPositive & NC_ERROR_CODE_MASK);
+
+	/* Allow argument position assignment to be null */
+	if (argPositionOut) 
+	{
+		*argPositionOut = (asPositive >> NC_ARG_POSITION_OFFSET) & 0xFF;
+	}
+
+	return code;
+}
+
+/*	=============================
+*	
+*		Context functions
+* 
+*	============================= 
+*/
+
 NC_EXPORT uint32_t NC_CC NCGetContextStructSize(void) 
 {
 	return sizeof(NCContext);
@@ -499,7 +530,13 @@ NC_EXPORT NCResult NC_CC NCDestroyContext(NCContext* ctx)
 	return NC_SUCCESS;
 }
 
-/* KEY Functions */
+/*	=============================
+*
+*		ECDSA functions
+*
+*	=============================
+*/
+
 NC_EXPORT NCResult NC_CC NCGetPublicKey(
 	const NCContext* ctx, 
 	const NCSecretKey* sk, 
@@ -615,7 +652,7 @@ NC_EXPORT NCResult NC_CC NCSignData(
 	ncSpanInitC(&dataSpan, data, dataSize);
 
 	/* Compute sha256 of the data before signing */
-	if(ncCryptoDigestSha256(&dataSpan, digest) != CSTATUS_OK)
+	if(ncCryptoDigestSha256(dataSpan, digest) != CSTATUS_OK)
 	{
 		return E_INVALID_ARG;
 	}
@@ -646,7 +683,6 @@ NC_EXPORT NCResult NC_CC NCVerifyDigest(
 		return E_INVALID_ARG;
 	}
 
-	/* Verify the signature */
 	result = secp256k1_schnorrsig_verify(ctx->secpCtx, sig64, digest32, 32, &xonly);
 	
 	ZERO_FILL(&xonly, sizeof(xonly));
@@ -674,16 +710,20 @@ NC_EXPORT NCResult NC_CC NCVerifyData(
 	ncSpanInitC(&dataSpan, data, dataSize);
 
 	/* Compute sha256 of the data before verifying */
-	if (ncCryptoDigestSha256(&dataSpan, digest) != CSTATUS_OK)
+	if (ncCryptoDigestSha256(dataSpan, digest) != CSTATUS_OK)
 	{
 		return E_INVALID_ARG;
 	}
 
-	/* Verify the freshly computed digest */
 	return NCVerifyDigest(ctx, pk, digest, sig64);
 }
 
-/* ECDH Functions */
+/*	=============================
+*
+*		ECDH functions
+*
+*	=============================
+*/
 
 NC_EXPORT NCResult NC_CC NCGetSharedSecret(
 	const NCContext* ctx, 
@@ -765,11 +805,28 @@ NC_EXPORT NCResult NC_CC NCEncryptEx(
 	/* Validte ciphertext/plaintext */
 	CHECK_INVALID_ARG(args->inputData, 2)
 	CHECK_INVALID_ARG(args->outputData, 2)
-	CHECK_INVALID_ARG(args->nonce32, 2)
-	CHECK_INVALID_ARG(args->hmacKeyOut32, 2)
+	CHECK_INVALID_ARG(args->nonceData, 2)
+	CHECK_INVALID_ARG(args->keyData, 2)
 	CHECK_ARG_RANGE(args->dataSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 2)	
 
-	return _encryptEx(ctx, (struct conversation_key*)conversationKey, args->hmacKeyOut32, args);
+	switch (args->version) 
+	{
+		/* TODO: Implement nip04 */
+		case NC_ENC_VERSION_NIP04:
+			return E_VERSION_NOT_SUPPORTED;
+
+		case NC_ENC_VERSION_NIP44:
+			return _encryptNip44Ex(
+				ctx, 
+				(struct conversation_key*)conversationKey, 
+				args->keyData, 
+				args
+			);
+
+		default:
+			return E_VERSION_NOT_SUPPORTED;
+	}
+
 }
 
 NC_EXPORT NCResult NC_CC NCEncrypt(
@@ -792,34 +849,42 @@ NC_EXPORT NCResult NC_CC NCEncrypt(
 	/* Validate input/output data */
 	CHECK_INVALID_ARG(args->inputData, 3)
 	CHECK_INVALID_ARG(args->outputData, 3)
-	CHECK_INVALID_ARG(args->nonce32, 3)
-	CHECK_INVALID_ARG(args->hmacKeyOut32, 3)
-	CHECK_ARG_RANGE(args->dataSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 3)
+	CHECK_INVALID_ARG(args->nonceData, 3)
+
+	result = E_OPERATION_FAILED;
 
 	switch(args->version)
 	{		
 		case NC_ENC_VERSION_NIP44:
-			break; /* Allow nip44 */
+		{
+			/* Mac key output is only needed for nip44 */
+			CHECK_INVALID_ARG(args->keyData, 3)
+			CHECK_ARG_RANGE(args->dataSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 3)
+
+			/* Compute the shared point */
+			if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
+			{
+				goto Cleanup;
+			}
+
+			/* Compute the conversation key from secret and pubkic keys */
+			if ((result = _computeConversationKey(ctx, &sharedSecret, &conversationKey)) != NC_SUCCESS)
+			{
+				goto Cleanup;
+			}
+
+			result = _encryptNip44Ex(ctx, &conversationKey, args->keyData, args);
+		}
+
+		break;
 
 		/* At the moment nip04 compatability is not supported */
 		case NC_ENC_VERSION_NIP04:
 		default:
-			return E_VERSION_NOT_SUPPORTED;
+			result = E_VERSION_NOT_SUPPORTED;
+			break;
 	}
 	
-	/* Compute the shared point */
-	if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
-	{
-		goto Cleanup;
-	}
-
-	/* Compute the conversation key from secret and pubkic keys */
-	if ((result = _computeConversationKey(ctx, &sharedSecret, &conversationKey)) != NC_SUCCESS)
-	{
-		goto Cleanup;
-	}
-
-	result = _encryptEx(ctx, &conversationKey, args->hmacKeyOut32, args);	
 
 Cleanup:
 	/* Clean up sensitive data */
@@ -830,8 +895,8 @@ Cleanup:
 }
 
 NC_EXPORT NCResult NC_CC NCDecryptEx(
-	const NCContext* ctx, 
-	const uint8_t conversationKey[NC_CONV_KEY_SIZE], 
+	const NCContext* ctx,
+	const uint8_t conversationKey[NC_CONV_KEY_SIZE],
 	NCEncryptionArgs* args
 )
 {
@@ -843,10 +908,18 @@ NC_EXPORT NCResult NC_CC NCDecryptEx(
 	/* Validte ciphertext/plaintext */
 	CHECK_INVALID_ARG(args->inputData, 2)
 	CHECK_INVALID_ARG(args->outputData, 2)
-	CHECK_INVALID_ARG(args->nonce32, 2)
+	CHECK_INVALID_ARG(args->nonceData, 2)
 	CHECK_ARG_RANGE(args->dataSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 2)
 
-	return _decryptEx(ctx, (struct conversation_key*)conversationKey, args);
+	switch (args->version)
+	{
+	case NC_ENC_VERSION_NIP44:
+		return _decryptNip44Ex(ctx, (struct conversation_key*)conversationKey, args);
+
+	case NC_ENC_VERSION_NIP04:
+	default:
+		return E_VERSION_NOT_SUPPORTED;
+	}
 }
 
 NC_EXPORT NCResult NC_CC NCDecrypt(
@@ -869,20 +942,34 @@ NC_EXPORT NCResult NC_CC NCDecrypt(
 	/* Validte ciphertext/plaintext */
 	CHECK_INVALID_ARG(args->inputData, 3)
 	CHECK_INVALID_ARG(args->outputData, 3)
-	CHECK_INVALID_ARG(args->nonce32, 3)
+	CHECK_INVALID_ARG(args->nonceData, 3)
 	CHECK_ARG_RANGE(args->dataSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 3)
 
-	if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
-	{
-		goto Cleanup;
-	}
+	result = E_OPERATION_FAILED;
 
-	if ((result = _computeConversationKey(ctx, &sharedSecret, &conversationKey)) != NC_SUCCESS)
+	switch (args->version)
 	{
-		goto Cleanup;
+	case NC_ENC_VERSION_NIP44:
+	{
+		if ((result = _computeSharedSecret(ctx, sk, pk, &sharedSecret)) != NC_SUCCESS)
+		{
+			goto Cleanup;
+		}
+
+		if ((result = _computeConversationKey(ctx, &sharedSecret, &conversationKey)) != NC_SUCCESS)
+		{
+			goto Cleanup;
+		}
+
+		result = _decryptNip44Ex(ctx, &conversationKey, args);
 	}
+	break;
 
-	result = _decryptEx(ctx, &conversationKey, args);
+	case NC_ENC_VERSION_NIP04:
+	default:
+		result = E_VERSION_NOT_SUPPORTED;
+		break;
+	}
 
 Cleanup:
 	/* Clean up sensitive data */
@@ -914,7 +1001,7 @@ NC_EXPORT NCResult NCComputeMac(
 	/*
 	* Compute the hmac of the data using the supplied hmac key
 	*/
-	return _computeHmac(hmacKey, &payloadSpan, hmacOut) == CSTATUS_OK ? NC_SUCCESS : E_OPERATION_FAILED;
+	return _computeHmac(hmacKey, payloadSpan, hmacOut) == CSTATUS_OK ? NC_SUCCESS : E_OPERATION_FAILED;
 }
 
 
@@ -978,4 +1065,125 @@ Cleanup:
 	ZERO_FILL(&conversationKey, sizeof(conversationKey));
 
 	return result;
+}
+
+#define ENSURE_ENC_MODE(args, mode) if(args->version != mode) return E_VERSION_NOT_SUPPORTED;
+
+NC_EXPORT NCResult NCSetEncryptionPropertyEx(
+	NCEncryptionArgs* args,
+	uint32_t property,
+	uint8_t* value,
+	uint32_t valueLen
+)
+{
+
+	CHECK_NULL_ARG(args, 0)
+	CHECK_NULL_ARG(value, 2)
+
+	switch (property)
+	{
+	case NC_ENC_SET_VERSION:
+
+		/* Ensure version is proper length */
+		CHECK_ARG_RANGE(valueLen, sizeof(uint32_t), sizeof(uint32_t), 2)
+
+		args->version = *((uint32_t*)value);
+
+		return NC_SUCCESS;
+
+	case NC_ENC_SET_NIP04_IV:
+		/*
+		* The safest way to store the nip04 IV is in the nonce
+		* field. An IV is essentially a nonce. A secure random
+		* number used to encrypt the first block of a CBC chain.
+		*/
+
+		CHECK_ARG_RANGE(valueLen, AES_IV_SIZE, UINT32_MAX, 3)
+
+		ENSURE_ENC_MODE(args, NC_ENC_VERSION_NIP04)
+
+		args->nonceData = value;
+
+		return NC_SUCCESS;
+
+
+	case NC_ENC_SET_NIP04_KEY:
+		/*
+		* The AES key is stored in the hmac key field, since
+		* it won't be used for the operating and should be the same size
+		* as the hmac key.
+		*/
+
+		CHECK_ARG_RANGE(valueLen, AES_KEY_SIZE, UINT32_MAX, 3)
+
+		ENSURE_ENC_MODE(args, NC_ENC_VERSION_NIP04)
+
+		args->keyData = value;
+
+		return NC_SUCCESS;
+
+	case NC_ENC_SET_NIP44_NONCE:
+
+		/* Nonce buffer must be at least the size, max doesnt matter */
+		CHECK_ARG_RANGE(valueLen, NC_ENCRYPTION_NONCE_SIZE, UINT32_MAX, 3)
+
+		/* Nonce is only used in nip44 mode */
+		ENSURE_ENC_MODE(args, NC_ENC_VERSION_NIP44)
+
+		args->nonceData = value;
+
+		return NC_SUCCESS;
+
+	case NC_ENC_SET_NIP44_MAC_KEY:
+
+		/* The maximum size of the buffer doesn't matter as long as its larger than the key size */
+		CHECK_ARG_RANGE(valueLen, NC_HMAC_KEY_SIZE, UINT32_MAX, 3)
+
+		/* Mac key is only used in nip44 mode */
+		ENSURE_ENC_MODE(args, NC_ENC_VERSION_NIP44)
+
+		/*
+		* During encryption the key data buffer is used
+		* to write the hmac hey used for MAC computation
+		* operations.
+		*/
+		args->keyData = value;
+
+		return NC_SUCCESS;
+	}
+
+	return E_INVALID_ARG;
+}
+
+NC_EXPORT NCResult NCSetEncryptionProperty(
+	NCEncryptionArgs* args,
+	uint32_t property,
+	uint32_t value
+)
+{
+	return NCSetEncryptionPropertyEx(
+		args, 
+		property, 
+		(uint8_t*)&value, 
+		sizeof(uint32_t)
+	);
+}
+
+NC_EXPORT NCResult NCSetEncryptionData(
+	NCEncryptionArgs* args,
+	const uint8_t* input,
+	uint8_t* output,
+	uint32_t dataSize
+)
+{
+	CHECK_NULL_ARG(args, 0)
+	CHECK_NULL_ARG(input, 1)
+	CHECK_NULL_ARG(output, 2)
+	CHECK_ARG_RANGE(dataSize, NIP44_MIN_ENC_MESSAGE_SIZE, NIP44_MAX_ENC_MESSAGE_SIZE, 3)
+
+	args->inputData = input;
+	args->outputData = output;
+	args->dataSize = dataSize;
+
+	return NC_SUCCESS;	
 }
\ No newline at end of file