An ActiveSync Primer

An ActiveSync Primer

Dominic Salemno

What is ActiveSync?

When I speak of ActiveSync, I am speaking in regards to the protocol itself, not the application. In any communications protocol, there is always a purpose for the transmission. In the case of ActiveSync, it provides a means of ensuring that a specific mobile device is consistent in data, e-mail, and contacts with an exchange account. Ultimately, the goal is for the mobile device to contain the most up-to-date information.

How does it work?

The ActiveSync protocol uses request and response commands transported over HTTPS (HTTP Secured by Secure Sockets Layer). Each ActiveSync command is formatted in binary-encoded XML (WBXML) and sent via an HTTP POST (See [MS-ASWBXML]: https://msdn.microsoft.com/en-us/library/dd299442.aspx). This WBXML corresponds directly to XML elements and attributes by a tokenization process. The purpose behind this encoding is for efficient bandwidth usage due to the low-bandwidth nature of mobile clients employing the ActiveSync protocol.

Traversing down the stack, by undoing the tokenization process, you will see the XML Message. Each XML Message will vary in size and structure based upon the type of communications being done. However, the basic principle remains the same. Each XML Message will either be a request or a response.

An analysis of a sample ActiveSync Packet

An ActiveSync XML Message

<?xml version="1.0" encoding="utf-8"?>

<FolderSync xmlns="FolderHierarchy:">

  <SyncKey>2</SyncKey>

</FolderSync>

Binary-Encoded XML (WBXML) Representation of the XML Message

03 01 6A 00 00 07 56 52 03 32 00 01 01

HTTP POST Header and Body
See [MS-ASHTTP]: https://msdn.microsoft.com/en-us/library/dd299446.aspx

POST /Microsoft-Server
ActiveSync?Cmd=FolderSync&User=fakename&DeviceId=v140Device&DeviceType=SmartPhone HTTP/1.1
Content-Type: application/vnd.ms-sync.wbxml
MS-ASProtocolVersion: 14.0
User-Agent: ASOM
Host: Contoso.com

03 01 6A 00 00 07 56 52 03 32 00 01 01

An Overview of the WBXML Encoding

The following table presents how the WBXML encoding has happened

Bytes

Description

03

Version number – WBXML version 1.3

01

Unknown public identifier

6A

Charset = UTF-8

00

String table length

00 07

Select code page 7 (FolderHierarchy)

56

<FolderSync>, with content (0x16 + 0x40)

52

<SyncKey>, with content

03

Inline string follows

32 00

2

01

</SyncKey>

01

</FolderSync>

 

Summary

This blog was intended to present an introduction to the ActiveSync protocol. Although the example was fairly simple, this is the first step in grasping the foundation for the subsequent information in the series to this entry. Stay-tuned for more articles getting more in-depth to the intricate details surrounding ActiveSync!

ActiveSync_Primer.pdf