Compression, Encryption and Middleware

Alex_Egorov · November 28, 2019, 9:33am

Hello again,

1. Can you add an overloaded constructor for Compression Middleware with the Threshold parameter?

2. Maybe you can add new Middleware for custom encryption? Or, if you don't have such plans can you assist me in creating it by my self?

Why did I tell you about custom encryption? My software in most situations works in internal corporate networks, and for using https it is necessary to get a certificate. To work with https the client needs to get a certificate. After moving the server part from one computer to another, customers need a new certificate. But all customers need software "out from the box" - install and work without any additional steps.

Alex_Egorov · November 28, 2019, 5:18pm

I'm found your answer about Encryption middleware:

1) You can use a code like this:

XDataClient.HttpClient.OnSendingRequest :=
  procedure(ARequest: THttpRequest)
  var
    pBytes: TBytes;
  begin
    if ARequest.ContentLength > 0 then
    begin
      pBytes := TBytes.FromBuffer(ARequest.ContentBuffer^, ARequest.ContentLength);
      EncryptBytesSomehow(pBytes);
      ARequest.SetContent(pBytes);
    end;
  end;

2) In the server-side middleware, you should do something like this:

In other words, is it impossible to use only middleware for this? Client-side coding needed too?

wlandgraf · December 2, 2019, 8:39pm

If you want to use custom encryption (not use HTTPS, which would be strongly the recommended way), I'm not sure how would you expect that the client wouldn't participate in this? If it's custom encryption, then the client must encrypt and decrypt the message, right?

Alex_Egorov · December 2, 2019, 8:48pm

The server part and client part of software is both provided by me. This is client-server software with secure storage of sensitive data of the customers

wlandgraf · December 3, 2019, 12:39am

Then why are you asking to have encryption using middleware-only?

Alex_Egorov · December 3, 2019, 7:17am

I'm asking not about encryption via middleware only, I'm asking which method is the best if we don't use https.

In any way I will recommend to customers to install certificates, but, but this is not simple for customers, which need just install software and use it.

wlandgraf · December 3, 2019, 2:20pm

Then the way to do it is the one you mentioned in some posts above. You can contact us via e-mail and I can send you a more detailed example.

Alex_Egorov · December 3, 2019, 5:47pm

Please send me it to alexegorov (at) gmail.com

wlandgraf · December 4, 2019, 6:25pm

Done.

Radu_Mircea_PFA_Capota · December 6, 2019, 6:37pm

I need also this detailed example please, on rmc_soft@rdslink.ro.

Thank you.

wlandgraf · December 9, 2019, 5:43pm

Ok