Removing AES Encyption Envelopes without breaking existing clients


(Todd Manchester) #1


We have an existing .NET DataAbstract application server that has clients (iOS, Android) that connect with SSL & AES. What is that best approach to remove that AES dependency? Is it possible to create another port with a message that does not have AES to run in conjunction with our existing AES message port combination?

Thanks for you assistance.

(marc hoffman) #3

IIRC you can disable the envelope but leave it in place; that way it won’t be applied to outgoing messages, but it ill still be processed, when found in a received message.

(antonk) #4


Yes, it is possible to have arbitrary number of server channels in a server app given they listen to different ports.
This can be a little tricky (mean, 1 additional simple class in the application) to set up if your server uses ApplicationServer class as a bootstrapper. We can provide a sample if needed.

The trick with disabled AesEncryptionEnvelope will also work. However it should not be used if the server channel is not configured to use SSL traffic protection because in this case server responses will be sent back without AES envelope being applied to them.


(Todd Manchester) #5


Thanks for that its a really nice trick. Here is how I implemented it if anyone is interested.

        //Change binMessage properties
        BinMessage message = server.NetworkServer.ServerMessages[0] as BinMessage;
        if (message != null)
            message.EnforceMaxMessageSize = false;              
            message.Envelopes.Add(new AesEncryptionEnvelope(@"123456789"));
            message.Envelopes[0].Enabled = false;

(antonk) #6

Btw there is a shortcut in the NetworkServer API that might make this code shorter:

var message = (BinMessage)server.NetworkServer.ServerMessage;
message.EnforceMaxMessageSize = false;
message.Envelopes.Add(new AesEncryptionEnvelope("password goes here"), false);

Note the shortcut property for accessing Message and a second argument in the Envelope.Add call that disables the added envelope.