I want to expose a C API over a socket (including callbacks aka 'push notifications'); thinking stream-based. Is libsodium the best way to do this securely in a lightweight way, *ssl, 'no lightweight, use https and websockets', or .... ? Personal project, I control client+server
-
Show this thread
-
Replying to @fredemmott
Libsodium’s crypto_secretstream is a perfect fit for that.
1 reply 0 retweets 1 like -
Replying to @jedisct1
So, with PSK and not wanting replays: (1) server does secretstream keygen for session key (2) server sends key as secret box to client using PSK (3) client opens box, both client and server switch to secretstream with key from box?
1 reply 0 retweets 0 likes
Replying to @fredemmott
Yes, that works.
8:15 AM - 26 Sep 2018
from Union Station, Denver
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.