author | vnugent <public@vaughnnugent.com> | 2023-12-01 21:00:49 -0500 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2023-12-01 21:00:49 -0500 |
commit | 54984ef915a3bf640e06015bd294bd2186b3a588 (patch) | |
tree | 51bc8384138a5eca389186f178fa5fd669cf3916 /back-end/plugins | |
parent | c4205bfe23dc321c77e2ff032fcb355d16e5d6c0 (diff) |
internal polish, minor refactors & manifest v3 progression
Diffstat (limited to 'back-end/plugins')
4 files changed, 31 insertions, 17 deletions
diff --git a/back-end/plugins/nvault/src/Endpoints/Endpoint.cs b/back-end/plugins/nvault/src/Endpoints/Endpoint.cs
index bcebc63..4223a10 100644
--- a/back-end/plugins/nvault/src/Endpoints/Endpoint.cs
+++ b/back-end/plugins/nvault/src/Endpoints/Endpoint.cs
@@ -134,7 +134,7 @@ namespace NVault.Plugins.Vault.Endpoints
 //Get the key metadata
 NostrKeyMeta? keyMeta = await _publicKeyStore.GetSingleUserRecordAsync(nEvent.KeyId, entity.Session.UserID);
- if(webm.Assert(keyMeta != null, "Key not found"))
+ if(webm.Assert(keyMeta?.Value != null, "Key not found"))
 {
 return VirtualClose(entity, webm, HttpStatusCode.NotFound);
 }
@@ -520,7 +520,7 @@ namespace NVault.Plugins.Vault.Endpoints
 .Must(ct => ct.Contains("?iv=", StringComparison.OrdinalIgnoreCase))
 .WithMessage("iv not found in ciphertext")
 //Check iv is not too long
- .Must(ct => ct.AsSpan().SliceAfterParam("?iv=").Length == NostrOpProvider.MaxBase64EncodedSize)
+ .Must(ct => ct.AsSpan().SliceAfterParam("?iv=").Length == NostrOpProvider.IvMaxBase64EncodedSize)
 .WithMessage("iv is not the correct size");
 //Pubpkey must be 64 hex characters
diff --git a/back-end/plugins/nvault/src/INostrCryptoProvider.cs b/back-end/plugins/nvault/src/INostrCryptoProvider.cs
index d6c1e8a..b66757c 100644
--- a/back-end/plugins/nvault/src/INostrCryptoProvider.cs
+++ b/back-end/plugins/nvault/src/INostrCryptoProvider.cs
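Review bot: In Endpoint.cs at -134 the guard now answers 404 for two different states, no record for this key id and user, and a record whose `Value` is null, and nothing on the new line says why the second state can occur or that treating it as missing is intended. A comment such as `//Treat a record with no Value the same as a missing key` would make that explicit. Returning the same "Key not found" for both is reasonable for the client, but the record-without-value case looks like stored-data inconsistency and is worth a server-side log entry so it can be noticed. The enclosing handler starts and ends outside the hunk, so whether later code reads `keyMeta.Value` again cannot be checked here.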
@@ -61,8 +61,27 @@ namespace NVault.Plugins.Vault
 /// <returns>True if the operation succeeded, false otherwise</returns>
 bool RecoverPublicKey(ReadOnlySpan<byte> privateKey, Span<byte> pubKey);
+ /// <summary>
+ /// Decrypts a Nostr encrypted message by the target's public key, and the local secret key.
+ /// Both keys will be used to compute the shared secret that will be used to decrypt the message.
+ /// </summary>
+ /// <param name="secretKey">The local secret key</param>
+ /// <param name="targetKey">The message's target public key for the shared secret</param>
+ /// <param name="aseIv">The initialization vector used to encrypt the message</param>
+ /// <param name="cyphterText">The cyphertext to decrypt</param>
+ /// <param name="outputBuffer">The output buffer to write plaintext data to</param>
+ /// <returns>The number of bytes written to the output, 0 or negative for an error</returns>
 ERRNO DecryptMessage(ReadOnlySpan<byte> secretKey, ReadOnlySpan<byte> targetKey, ReadOnlySpan<byte> aseIv, ReadOnlySpan<byte> cyphterText, Span<byte> outputBuffer);
+ /// <summary>
+ /// Encrypts a message with the specified secret key, target public key, and initialization vector.
+ /// </summary>
+ /// <param name="secretKey"></param>
+ /// <param name="targetKey"></param>
+ /// <param name="aesIv">The initalization vector used by the AES cipher to encrypt data</param>
+ /// <param name="plainText">The plaintext data to encrypt</param>
+ /// <param name="cipherText">The ciphertext output buffer</param>
+ /// <returns>The number of bytes written to the output buffer, 0 or negative on error</returns>
 ERRNO EncryptMessage(ReadOnlySpan<byte> secretKey, ReadOnlySpan<byte> targetKey, ReadOnlySpan<byte> aesIv, ReadOnlySpan<byte> plainText, Span<byte> cipherText);
 /// <summary>
diff --git a/back-end/plugins/nvault/src/NativeSecp256k1Library.cs b/back-end/plugins/nvault/src/NativeSecp256k1Library.cs
index 0870156..2fcf447 100644
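Review bot: In INostrCryptoProvider.cs the new EncryptMessage docs leave `<param name="secretKey">` and `<param name="targetKey">` empty, and neither summary states the buffer contract a caller has to meet. The two entries can mirror DecryptMessage, `/// <param name="secretKey">The local secret key</param>` and `/// <param name="targetKey">The message's target public key for the shared secret</param>`, and "initalization" should read "initialization". For an interface that handles key material it would also help to document the expected IV length, how large the output buffer must be, and that the returned ERRNO has to be checked before the output is used, since 0 or a negative value signals failure; the exact sizes are not visible in this hunk. The `aseIv` and `cyphterText` spellings match the existing signature, so the docs are consistent with it as written.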
--- a/back-end/plugins/nvault/src/NativeSecp256k1Library.cs
+++ b/back-end/plugins/nvault/src/NativeSecp256k1Library.cs
@@ -76,7 +76,7 @@ namespace NVault.Plugins.Vault
 finally
 {
 //Zero out buffers
- MemoryUtil.InitializeBlock(sharedKeyBuffer.AsSpan());
+ MemoryUtil.InitializeBlock(sharedKeyBuffer);
 }
 }
@@ -114,7 +114,7 @@ namespace NVault.Plugins.Vault
 finally
 {
 //Zero out buffers
- MemoryUtil.InitializeBlock(sharedKeyBuffer.AsSpan());
+ MemoryUtil.InitializeBlock(sharedKeyBuffer);
 }
 }
diff --git a/back-end/plugins/nvault/src/NostrOpProvider.cs b/back-end/plugins/nvault/src/NostrOpProvider.cs
index aa4840e..5908e26 100644
--- a/back-end/plugins/nvault/src/NostrOpProvider.cs
+++ b/back-end/plugins/nvault/src/NostrOpProvider.cs
@@ -39,7 +39,7 @@ namespace NVault.Plugins.Vault
 internal sealed class NostrOpProvider : INostrOperations
 {
 public const int AES_IV_SIZE = 16;
- public static int MaxBase64EncodedSize { get; } = Base64.GetMaxEncodedToUtf8Length(AES_IV_SIZE);
+ public static int IvMaxBase64EncodedSize { get; } = Base64.GetMaxEncodedToUtf8Length(AES_IV_SIZE);
 private static JavaScriptEncoder _encoder { get; } = GetJsEncoder();
@@ -289,9 +289,7 @@ namespace NVault.Plugins.Vault
 string? outText = null, ivText = null;
 //Call decipher method
- bool result = Nip04Cipher(secret.ToReadOnlySpan(), nip04Ciphertext.AsSpan(), targetPubkey, ref outText, ref ivText, false);
-
- if (result)
+ if (Nip04Cipher(secret.ToReadOnlySpan(), nip04Ciphertext.AsSpan(), targetPubkey, ref outText, ref ivText, false))
 {
 return outText;
 }
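Review bot: In NativeSecp256k1Library.cs, dropping `.AsSpan()` from the zeroing call in the `finally` at -76 (and identically at -114) makes the wipe depend on which `MemoryUtil.InitializeBlock` overload binds to the declared type of `sharedKeyBuffer`, and that declaration is outside both hunks. If the buffer is an array or span the call is presumably equivalent; if it is a handle or wrapper type, confirm the selected overload clears the full length of the shared key memory rather than a copy or a differently sized region. A comment such as `//Wipe the shared key material before returning` would also say what the zeroing protects. Both enclosing methods start outside the hunks.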
@@ -307,16 +305,13 @@ namespace NVault.Plugins.Vault
 //Recover target public key
 byte[] targetPubkey = Convert.FromHexString(targetPubKeyHex);
- //Get key data from the vault
- using PrivateString? secret = await _vault.GetSecretAsync(scope, keyMeta.Id, cancellation);
+ //Get key data from the vault (key should always exist, but may get out of sync if manually deleted)
+ using PrivateString? secret = await _vault.GetSecretAsync(scope, keyMeta.Id, cancellation) ?? throw new ArgumentException("Secret key not found in vault");
- string? outputText = null,
- ivText = null;
-
- //Call decipher method
- bool result = Nip04Cipher(secret.ToReadOnlySpan(), plainText, targetPubkey, ref outputText, ref ivText, true);
+ string? outputText = null, ivText = null;
- if (result)
+ //Call encipher method
+ if (Nip04Cipher(secret.ToReadOnlySpan(), plainText, targetPubkey, ref outputText, ref ivText, true))
 {
 return new()
 {
@@ -391,7 +386,7 @@ namespace NVault.Plugins.Vault
 ReadOnlySpan<char> cipherText = text.SliceBeforeParam("?iv=");
 ReadOnlySpan<char> ivSegment = text.SliceAfterParam("?iv=");
- if (ivSegment.Length > MaxBase64EncodedSize)
+ if (ivSegment.Length > IvMaxBase64EncodedSize)
 {
 throw new ArgumentException("initialization vector is larger than allowed");
 }
 |
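Review bot: In NostrOpProvider.cs the `?? throw` guard added at -307 covers only the encrypt path; the decrypt path in the hunk at -289 also calls `secret.ToReadOnlySpan()`, and its vault lookup lies above that hunk, so it is not visible whether a missing secret is handled there. If it is not, the same out-of-sync vault state would give a clean error on encrypt and may dereference null on decrypt. Separately, `ArgumentException` is also what the IV length check at -391 throws for bad client input, so a caller that catches it cannot tell a malformed request from a server-side vault inconsistency; a distinct type such as `InvalidOperationException` would keep the two apart, provided no caller relies on catching `ArgumentException` here. The enclosing method starts and ends outside the hunk.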