Closed moea closed 2 years ago
The header and the hash of the handshake hash are sent unecrypted yea (we use the latter to identify the connection).
Neither needs encryption. From the sodium docs
“The header content doesn't have to be secret and decryption with a different header would fail”
Thanks for the clarification.
Thanks for the library. I'm implementing something similar to the Noise handshake -> secretstream pattern in a Clojure library, and I'm not quite following the logic in
index.js
— does the message containing the handshake hash & secret stream header get sent in plaintext (which is what it looks like), or are you encrypting it via Noise? Could you give me the thinking behind the design decision?