RC7 ServerPeerBase Encryption

dragagon
edited December 2011 in Photon Server
So in RC4 I didn't have to set up any type of encryption between applications. I moved to RC7 and now I'm getting an error message saying that Encryption hasn't been set up between my "Master server" and my "Sub servers". From client to server this is an easy call, but I'm not sure what I should be doing now.

The reason I am even asking this is because the Master Server is nothing more than a proxy. It adds 1 or 2 specific pieces of data to the incoming packet and passes it along to the sub server using the exact same send parameters. In this way I can send a packet encrypted and get it on the sub server the same way, or I can send a packet back through the master server to the client and encrypt it during packet creation instead of worrying about having some lookup on the master server to know if it should encrypt that specific packet before sending it back to the client. It is extra code that I don't think is necessary (though I may be incurring a penalty by sending it to the master server encrypted) because it keeps my master server from having to know about specific packets.

Comments

  • dragagon
    As a follow-up, one in every 10 or so connections seems to be getting this issue using RC7:


    2011-11-25 12:39:51,047 [12] ERROR PhotonHostRuntime.PhotonDomainManager - System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.
    at System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast)
    at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
    at Photon.SocketServer.Security.RijndaelCryptoProvider.Decrypt(Byte[] data, Int32 offset, Int32 count) in c:\build\photon-socketserver-sdk_3.0\src\Photon.SocketServer\Security\RijndaelCryptoProvider.cs:line 122
    at Photon.SocketServer.Rpc.Protocols.GpBinaryByte.GpBinaryByteProtocolV16.TryParseOperationRequestEncrypted(Byte[] data, ICryptoProvider cryptoProvider, OperationRequest& operationRequest) in c:\build\photon-socketserver-sdk_3.0\src\Photon.SocketServer\Rpc\Protocols\GpBinaryByte\GpBinaryByteProtocolV16.cs:line 547
    at Photon.SocketServer.PeerBase.OnReceiveInternal(Byte[] data, SendParameters sendParameters) in c:\build\photon-socketserver-sdk_3.0\src\Photon.SocketServer\PeerBase.cs:line 627
    at ExitGames.Concurrency.Core.DefaultExecutor.Execute(List`1 toExecute) in c:\Dev\exitgames-libs\src\Core\Concurrency\Core\DefaultExecutor.cs:line 21
    at ExitGames.Concurrency.Fibers.PoolFiber.Flush(Object ) in c:\Dev\exitgames-libs\src\Core\Concurrency\Fibers\PoolFiber.cs:line 216
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean ignoreSyncCtx)
    at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
    at System.Threading.ThreadPoolWorkQueue.Dispatch()
    at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
  • Tobias
    You can't pass on encrypted data. That's the idea of encryption, after all :)
    If your proxy is not totally transparent, then encryption will only work between client and the proxy and some other encryption works between proxy and server.

    We usually try to avoid those proxy setups altogether. Our Loadbalancing solution re-connects the client to the actual game server. On each connect, encryption values must be exchanged.

    We will look into the error description. Thanks for reporting it.
  • dragagon
    The idea behind the first comment isn't that I want it to pass the data through; it is that I need a way for 2 applications to exchange keys. The Client has a single method it can call that will do it for Unity3d. I'd like to see the same functionality available in the ServerPeerBase so that I can quickly set up encryption between 2 servers. At this point in time, I cannot.
  • Tobias
    Ah, so you want the server-side class ServerPeerBase to offer encryption. That clears some things up.

    I will update you here when there's something new.
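
The per-connection point in Tobias's first reply, as an added C# sketch that is not code from this thread or from Photon: each hop runs its own key exchange, so a packet encrypted for the client-to-master connection cannot be decrypted by a sub server that only shares a key with the master. It assumes .NET 6 or later; the ECDH/AES-CBC choices, the helper names and the sample payload are assumptions made for illustration and do not reflect Photon's API or wire format.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added illustration. NewPair/HopKey/Encrypt/Decrypt are hypothetical helpers, not Photon APIs.
static class HopDemo
{
    static ECDiffieHellman NewPair() => ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);

    // One key exchange per connection: each end derives the same 32-byte AES key.
    static byte[] HopKey(ECDiffieHellman mine, ECDiffieHellman theirs) =>
        mine.DeriveKeyFromHash(theirs.PublicKey, HashAlgorithmName.SHA256);

    static byte[] Encrypt(byte[] key, string text)
    {
        using var aes = Aes.Create();              // defaults: CBC mode, PKCS7 padding
        byte[] iv = aes.IV;                        // fresh random IV per message
        byte[] plain = Encoding.UTF8.GetBytes(text);
        using var enc = aes.CreateEncryptor(key, iv);
        byte[] body = enc.TransformFinalBlock(plain, 0, plain.Length);
        byte[] msg = new byte[iv.Length + body.Length];   // wire format: IV || ciphertext
        iv.CopyTo(msg, 0);
        body.CopyTo(msg, iv.Length);
        return msg;
    }

    static string Decrypt(byte[] key, byte[] msg)
    {
        using var aes = Aes.Create();
        using var dec = aes.CreateDecryptor(key, msg[..16]);
        return Encoding.UTF8.GetString(dec.TransformFinalBlock(msg, 16, msg.Length - 16));
    }

    static void Main()
    {
        using ECDiffieHellman client = NewPair(), masterIn = NewPair(), masterOut = NewPair(), sub = NewPair();
        byte[] kClient = HopKey(client, masterIn);   // client <-> master server
        byte[] kSub = HopKey(masterOut, sub);        // master server <-> sub server
        byte[] packet = Encrypt(kClient, "op=Move;x=3;y=7");   // constructed sample payload

        // Passthrough: the sub server never took part in the client's key exchange.
        try { Decrypt(kSub, packet); Console.WriteLine("passthrough: padding parsed by chance, data is garbage"); }
        catch (CryptographicException e) { Console.WriteLine("passthrough: " + e.Message); }

        // Per hop: the master decrypts, adds its own field, re-encrypts for the sub server.
        byte[] relayed = Encrypt(kSub, Decrypt(kClient, packet) + ";peerId=42");
        Console.WriteLine("per hop: " + Decrypt(kSub, relayed));
    }
}
```

The sketch uses unauthenticated ECDH and CBC without a MAC to keep the hop structure visible; a real server-to-server channel would authenticate the peers and use an authenticated mode such as AES-GCM.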