Message Property Encryption

Component: Message Property Encryption
NuGet NServiceBus.Encryption.MessageProperty (1.x)
Target NServiceBus Version: 6.x

Run the solution.

Two console applications will start up.


Which outputs

MessageWithSecretData sent.


Which outputs

I know the secret - it's 'betcha can't guess my secret'
SubSecret: My sub secret
CreditCard: 312312312312312 is valid to 3/11/2015 5:21:59 AM
CreditCard: 543645546546456 is valid to 3/11/2016 5:21:59 AM

Code walk-through

The message contract

Starting with the Shared project, open the MessageWithSecretData.cs file and look at the following code:

using NServiceBus;
using WireEncryptedString = NServiceBus.Encryption.MessageProperty.EncryptedString;

public class MessageWithSecretData :
    public WireEncryptedString Secret { get; set; }
    public MySecretSubProperty SubProperty { get; set; }
    public List<CreditCardDetails> CreditCards { get; set; }

public class MySecretSubProperty
    public WireEncryptedString Secret { get; set; }

public class CreditCardDetails
    public DateTime ValidTo { get; set; }
    public WireEncryptedString Number { get; set; }

How is encryption configured.

Open either one of the Program.cs. Notice the line


This code indicates that encryption should be enabled.

The key is then configured using

using System.Text;
using NServiceBus;
using NServiceBus.Encryption.MessageProperty;

public static class EncryptionExtensions
    public static void ConfigurationEncryption(this EndpointConfiguration endpointConfiguration)
        var encryptionService = new RijndaelEncryptionService(
            encryptionKeyIdentifier: "2015-10",
            key: Encoding.ASCII.GetBytes("gdDbqRpqdRbTs3mhdZh9qCaDaxJXl+e6"));


The message on the wire

Now run Endpoint1 on its own (i.e. don't start Endpoint2).

Go to the server queue (called EncryptionSampleEndpoint1) and view the message content.

The message will look like this:

"MessageWithSecretData": {
  "Secret": {
    "EncryptedValue": {
      "EncryptedBase64Value": "+eeBont5Lzlre4cxDi8QT/M6EbAGxTerniqywbpLBVA=",
      "Base64Iv": "u8n8ds0Ssf/AdJCxpOG7AQ=="

Last modified