authorLibravatar vnugent <public@vaughnnugent.com>2023-12-01 21:00:49 -0500
committerLibravatar vnugent <public@vaughnnugent.com>2023-12-01 21:00:49 -0500
commit54984ef915a3bf640e06015bd294bd2186b3a588 (patch)
tree51bc8384138a5eca389186f178fa5fd669cf3916 /back-end/plugins
parentc4205bfe23dc321c77e2ff032fcb355d16e5d6c0 (diff)
internal polish, minor refactors & manifest v3 progression
Diffstat (limited to 'back-end/plugins')
-rw-r--r--back-end/plugins/nvault/src/Endpoints/Endpoint.cs4
-rw-r--r--back-end/plugins/nvault/src/INostrCryptoProvider.cs19
-rw-r--r--back-end/plugins/nvault/src/NativeSecp256k1Library.cs4
-rw-r--r--back-end/plugins/nvault/src/NostrOpProvider.cs21
4 files changed, 31 insertions, 17 deletions
diff --git a/back-end/plugins/nvault/src/Endpoints/Endpoint.cs b/back-end/plugins/nvault/src/Endpoints/Endpoint.cs
index bcebc63..4223a10 100644
--- a/back-end/plugins/nvault/src/Endpoints/Endpoint.cs
+++ b/back-end/plugins/nvault/src/Endpoints/Endpoint.cs
@@ -134,7 +134,7 @@ namespace NVault.Plugins.Vault.Endpoints
//Get the key metadata
NostrKeyMeta? keyMeta = await _publicKeyStore.GetSingleUserRecordAsync(nEvent.KeyId, entity.Session.UserID);
- if(webm.Assert(keyMeta != null, "Key not found"))
+ if(webm.Assert(keyMeta?.Value != null, "Key not found"))
{
return VirtualClose(entity, webm, HttpStatusCode.NotFound);
}
@@ -520,7 +520,7 @@ namespace NVault.Plugins.Vault.Endpoints
.Must(ct => ct.Contains("?iv=", StringComparison.OrdinalIgnoreCase))
.WithMessage("iv not found in ciphertext")
//Check iv is not too long
- .Must(ct => ct.AsSpan().SliceAfterParam("?iv=").Length == NostrOpProvider.MaxBase64EncodedSize)
+ .Must(ct => ct.AsSpan().SliceAfterParam("?iv=").Length == NostrOpProvider.IvMaxBase64EncodedSize)
.WithMessage("iv is not the correct size");
//Pubpkey must be 64 hex characters
diff --git a/back-end/plugins/nvault/src/INostrCryptoProvider.cs b/back-end/plugins/nvault/src/INostrCryptoProvider.cs
index d6c1e8a..b66757c 100644
--- a/back-end/plugins/nvault/src/INostrCryptoProvider.cs
+++ b/back-end/plugins/nvault/src/INostrCryptoProvider.cs
@@ -61,8 +61,27 @@ namespace NVault.Plugins.Vault
/// <returns>True if the operation succeeded, false otherwise</returns>
bool RecoverPublicKey(ReadOnlySpan<byte> privateKey, Span<byte> pubKey);
+ /// <summary>
+ /// Decrypts a Nostr encrypted message by the target's public key, and the local secret key.
+ /// Both keys will be used to compute the shared secret that will be used to decrypt the message.
+ /// </summary>
+ /// <param name="secretKey">The local secret key</param>
+ /// <param name="targetKey">The message's target public key for the shared secret</param>
+ /// <param name="aseIv">The initialization vector used to encrypt the message</param>
+ /// <param name="cyphterText">The cyphertext to decrypt</param>
+ /// <param name="outputBuffer">The output buffer to write plaintext data to</param>
+ /// <returns>The number of bytes written to the output, 0 or negative for an error</returns>
ERRNO DecryptMessage(ReadOnlySpan<byte> secretKey, ReadOnlySpan<byte> targetKey, ReadOnlySpan<byte> aseIv, ReadOnlySpan<byte> cyphterText, Span<byte> outputBuffer);
+ /// <summary>
+ /// Encrypts a message with the specified secret key, target public key, and initialization vector.
+ /// </summary>
+ /// <param name="secretKey"></param>
+ /// <param name="targetKey"></param>
+ /// <param name="aesIv">The initalization vector used by the AES cipher to encrypt data</param>
+ /// <param name="plainText">The plaintext data to encrypt</param>
+ /// <param name="cipherText">The ciphertext output buffer</param>
+ /// <returns>The number of bytes written to the output buffer, 0 or negative on error</returns>
ERRNO EncryptMessage(ReadOnlySpan<byte> secretKey, ReadOnlySpan<byte> targetKey, ReadOnlySpan<byte> aesIv, ReadOnlySpan<byte> plainText, Span<byte> cipherText);
/// <summary>
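Review bot: The new `EncryptMessage` doc leaves the `secretKey` and `targetKey` `<param>` tags empty, while the `DecryptMessage` doc added just above fills in the same two. Reuse that wording, `/// <param name="secretKey">The local secret key</param>` and `/// <param name="targetKey">The message's target public key for the shared secret</param>`, and correct the spelling `initalization` on the `aesIv` line. Neither summary states the expected IV length or how large the output buffer must be; since both methods signal failure only through a zero or negative ERRNO, those preconditions belong next to the return contract. The interface body continues outside the hunk.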
diff --git a/back-end/plugins/nvault/src/NativeSecp256k1Library.cs b/back-end/plugins/nvault/src/NativeSecp256k1Library.cs
index 0870156..2fcf447 100644
--- a/back-end/plugins/nvault/src/NativeSecp256k1Library.cs
+++ b/back-end/plugins/nvault/src/NativeSecp256k1Library.cs
@@ -76,7 +76,7 @@ namespace NVault.Plugins.Vault
finally
{
//Zero out buffers
- MemoryUtil.InitializeBlock(sharedKeyBuffer.AsSpan());
+ MemoryUtil.InitializeBlock(sharedKeyBuffer);
}
}
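Review bot: With `.AsSpan()` dropped, the wipe of `sharedKeyBuffer` in the `finally` block now depends on which `MemoryUtil.InitializeBlock` overload the argument binds to, and the buffer's declaration is outside the hunk. If `sharedKeyBuffer` is a value type and the selected overload takes it by value, the zeroing would apply to a copy and the shared secret would stay in memory; if it is an array or a handle, the call is presumably equivalent to the old one. Confirm the overload and record the intent with a comment such as `//Zero the shared secret in place before the buffer is released`. The same change is made in the following hunk, at line 114.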
@@ -114,7 +114,7 @@ namespace NVault.Plugins.Vault
finally
{
//Zero out buffers
- MemoryUtil.InitializeBlock(sharedKeyBuffer.AsSpan());
+ MemoryUtil.InitializeBlock(sharedKeyBuffer);
}
}
diff --git a/back-end/plugins/nvault/src/NostrOpProvider.cs b/back-end/plugins/nvault/src/NostrOpProvider.cs
index aa4840e..5908e26 100644
--- a/back-end/plugins/nvault/src/NostrOpProvider.cs
+++ b/back-end/plugins/nvault/src/NostrOpProvider.cs
@@ -39,7 +39,7 @@ namespace NVault.Plugins.Vault
internal sealed class NostrOpProvider : INostrOperations
{
public const int AES_IV_SIZE = 16;
- public static int MaxBase64EncodedSize { get; } = Base64.GetMaxEncodedToUtf8Length(AES_IV_SIZE);
+ public static int IvMaxBase64EncodedSize { get; } = Base64.GetMaxEncodedToUtf8Length(AES_IV_SIZE);
private static JavaScriptEncoder _encoder { get; } = GetJsEncoder();
@@ -289,9 +289,7 @@ namespace NVault.Plugins.Vault
string? outText = null, ivText = null;
//Call decipher method
- bool result = Nip04Cipher(secret.ToReadOnlySpan(), nip04Ciphertext.AsSpan(), targetPubkey, ref outText, ref ivText, false);
-
- if (result)
+ if (Nip04Cipher(secret.ToReadOnlySpan(), nip04Ciphertext.AsSpan(), targetPubkey, ref outText, ref ivText, false))
{
return outText;
}
@@ -307,16 +305,13 @@ namespace NVault.Plugins.Vault
//Recover target public key
byte[] targetPubkey = Convert.FromHexString(targetPubKeyHex);
- //Get key data from the vault
- using PrivateString? secret = await _vault.GetSecretAsync(scope, keyMeta.Id, cancellation);
+ //Get key data from the vault (key should always exist, but may get out of sync if manually deleted)
+ using PrivateString? secret = await _vault.GetSecretAsync(scope, keyMeta.Id, cancellation) ?? throw new ArgumentException("Secret key not found in vault");
- string? outputText = null,
- ivText = null;
-
- //Call decipher method
- bool result = Nip04Cipher(secret.ToReadOnlySpan(), plainText, targetPubkey, ref outputText, ref ivText, true);
+ string? outputText = null, ivText = null;
- if (result)
+ //Call encipher method
+ if (Nip04Cipher(secret.ToReadOnlySpan(), plainText, targetPubkey, ref outputText, ref ivText, true))
{
return new()
{
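Review bot: The added `?? throw new ArgumentException("Secret key not found in vault")` reports a vault/record mismatch as a bad argument, although the comment on the line above describes it as stored state going out of sync. `?? throw new InvalidOperationException("Secret key not found in vault");` would describe the condition more accurately, provided the endpoint layer (not visible here) turns whichever type is thrown into a controlled error response. The declared type can also drop the `?`, since the value can no longer be null after the throw. The decrypt path in the hunk at line 289 calls `secret.ToReadOnlySpan()` the same way, but its vault lookup is outside the visible lines, so check that it has an equivalent guard. The method body starts and ends outside this hunk.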
@@ -391,7 +386,7 @@ namespace NVault.Plugins.Vault
ReadOnlySpan<char> cipherText = text.SliceBeforeParam("?iv=");
ReadOnlySpan<char> ivSegment = text.SliceAfterParam("?iv=");
- if (ivSegment.Length > MaxBase64EncodedSize)
+ if (ivSegment.Length > IvMaxBase64EncodedSize)
{
throw new ArgumentException("initialization vector is larger than allowed");
}