I want to expose a C API over a socket (including callbacks aka 'push notifications'); thinking stream-based. Is libsodium the best way to do this securely in a lightweight way, *ssl, 'no lightweight, use https and websockets', or .... ? Personal project, I control client+server
-
-
So, with PSK and not wanting replays: (1) server does secretstream keygen for session key (2) server sends key as secret box to client using PSK (3) client opens box, both client and server switch to secretstream with key from box?
-
Yes, that works.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.