Note that this encryption uses a global key for the whole process, which
should match on both Server and Client sides. You should hard-code this
key in your Client and Server Delphi applications, with some variants
depending on each end-user service. You can use CompressShaAesSetKey(), as
defined in SynCrypto.pas, to set this Encryption Key globally, along with an
optional Initialization Vector. You can even customize the AES chaining mode,
if the default TAESCTR mode is not what you expect.
When the aHttpServerSecurity parameter is set to secSynShaAes for the
TSQLHttpServer.Create() constructor, this proprietary encryption will be
enabled on the server side. For instance:
MyServer := TSQLHttpServer.Create('888',[DataBase],'+',useHttpApiRegisteringURI,32,secSynShaAes);
On the client side, you can just set the TSQLHttpClientGeneric.Compression
property as expected:
MyClient.Compression := [hcSynShaAes];
Once those parameters have been set, a new proprietary encoding will be defined in the HTTP headers:
ACCEPT-ENCODING: synshaaes
Then all HTTP body content will be compressed via our SynLZ algorithm, and encoded using the very secure AES-CTR/256 encryption.
Since it is a proprietary algorithm, it will work only for Delphi clients.
When accessed from a plain AJAX client, or from a Delphi application with
TSQLHttpClientGeneric.Compression = [], there won't be any encryption at all,
due to the way HTTP accepts its encoding.
For safety, you should therefore use it in conjunction with our per-URI
Authentication.
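The fallback described above can be audited from request headers. The following is an added example, not code from mORMot or from the original post: it parses the Accept-Encoding header of constructed request records and lists the requests whose bodies would travel unencrypted. The record layout, the sample URIs and the treatment of q=0 as "not offered" are assumptions.

```python
# Added example: audit which requests negotiated the synshaaes encoding.
# The record layout and the sample records below are constructed for illustration.

ENCODING = "synshaaes"  # token from the page's ACCEPT-ENCODING header

def offered_encodings(accept_encoding):
    """Return the lowercase coding tokens a client offers (q=0 excluded)."""
    offered = set()
    for item in (accept_encoding or "").split(","):
        token, _, params = item.strip().partition(";")
        token = token.strip().lower()
        if not token:
            continue
        q = 1.0
        for p in params.split(";"):
            name, _, value = p.strip().partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0  # malformed weight: treat as not offered
        if q > 0:  # assumption: a zero weight means the coding is refused
            offered.add(token)
    return offered

def body_is_encrypted(headers):
    """True when the client offered synshaaes, so the body can be AES-encoded."""
    lowered = {k.lower(): v for k, v in headers.items()}
    return ENCODING in offered_encodings(lowered.get("accept-encoding"))

def plaintext_requests(records):
    """Return the URIs of requests whose bodies travel without encryption."""
    return [r["uri"] for r in records if not body_is_encrypted(r["headers"])]

# Constructed sample records (not captured traffic).
SAMPLE = [
    {"uri": "/root/Customer/1", "headers": {"ACCEPT-ENCODING": "synshaaes"}},
    {"uri": "/root/Customer/2", "headers": {"Accept-Encoding": "gzip, deflate"}},
    {"uri": "/root/Customer/3", "headers": {}},
    {"uri": "/root/Customer/4", "headers": {"Accept-Encoding": "gzip, SynShaAes;q=1.0"}},
    {"uri": "/root/Customer/5", "headers": {"Accept-Encoding": "synshaaes;q=0"}},
]

if __name__ == "__main__":
    for uri in plaintext_requests(SAMPLE):
        print("unencrypted body:", uri)
```

Requests reported by this audit are the ones that rely entirely on per-URI Authentication for their protection.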
Feedback is welcome on our forum, as usual!