This sample demonstrates how to use EncryptedString to encrypt and decrypt specific properties of a message as it passes through the pipeline.
Running the solution starts two console applications. Endpoint1 encrypts a message and sends it, and Endpoint2 receives the encrypted message and decrypts it.
Endpoint1 output
MessageWithSecretData sent.
Endpoint2 output
I know the secret - it's 'betcha can't guess my secret'
SubSecret: My sub secret
CreditCard: 312312312312312 is valid to 3/11/2015 5:21:59 AM
CreditCard: 543645546546456 is valid to 3/11/2016 5:21:59 AM
Code walk-through
Message contract
The Shared project contains MessageWithSecretData, which defines the message contract:
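using System;
using System.Collections.Generic;
using NServiceBus;
using WireEncryptedString = NServiceBus.Encryption.MessageProperty.EncryptedString;

public class MessageWithSecretData :
    IMessage
{
    // Encrypted property at the top level of the message
    public WireEncryptedString Secret { get; set; }
    // Encrypted properties nested in child objects and collections are handled too
    public MySecretSubProperty SubProperty { get; set; }
    public List<CreditCardDetails> CreditCards { get; set; }
}

public class MySecretSubProperty
{
    public WireEncryptedString Secret { get; set; }
}

public class CreditCardDetails
{
    // Not an EncryptedString, so this value is sent in clear text
    public DateTime ValidTo { get; set; }
    public WireEncryptedString Number { get; set; }
}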
Encryption configuration
Encryption is enabled by calling an extension method in Program in both Endpoint1 and Endpoint2:
endpointConfiguration.ConfigurationEncryption();
The extension method is in Shared/:
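public static void ConfigurationEncryption(this EndpointConfiguration endpointConfiguration)
{
    // Sample only: the key is hard-coded so that both endpoints share it.
    // Keep real keys out of source control and load them from protected configuration.
    var encryptionService = new RijndaelEncryptionService(
        encryptionKeyIdentifier: "2015-10",
        key: Convert.FromBase64String("gdDbqRpqdRbTs3mhdZh9qCaDaxJXl+e6"));
    // Encrypts EncryptedString properties on send and decrypts them on receive
    endpointConfiguration.EnableMessagePropertyEncryption(encryptionService);
}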
The message on the wire
The serialized message content can be seen by running Endpoint1 without running Endpoint2.
Messages are queued in the . folder next to the solution. The message will be contained in a file in the Samples. sub-folder with the following content (XML namespaces removed for clarity):
<?xml version="1.0" encoding="UTF-8"?>
<MessageWithSecretData>
  <Secret>
    <EncryptedValue>
      <EncryptedBase64Value>VOQk8pvlMdpdAgQiJldg2WZQCL86FxFMEd0VsTydOSw=</EncryptedBase64Value>
      <Base64Iv>4OnlFC1WyhTmkDLyfOdnYQ==</Base64Iv>
    </EncryptedValue>
  </Secret>
  <SubProperty>
    <Secret>
      <EncryptedValue>
        <EncryptedBase64Value>uEjQePtNlhkWEr5QHgiLbA==</EncryptedBase64Value>
        <Base64Iv>kh5C9W9picaOZ5dhz4adlA==</Base64Iv>
      </EncryptedValue>
    </Secret>
  </SubProperty>
  <CreditCards>
    <CreditCardDetails>
      <ValidTo>2024-03-08T21:08:34.091063Z</ValidTo>
      <Number>
        <EncryptedValue>
          <EncryptedBase64Value>Iv621YNDox3pd1zIbkeRrA==</EncryptedBase64Value>
          <Base64Iv>VPrVGB888YmKhi8lgkNFtg==</Base64Iv>
        </EncryptedValue>
      </Number>
    </CreditCardDetails>
    <CreditCardDetails>
      <ValidTo>2025-03-08T21:08:34.093907Z</ValidTo>
      <Number>
        <EncryptedValue>
          <EncryptedBase64Value>WY69+QzkqqKJ6UYCemShUg==</EncryptedBase64Value>
          <Base64Iv>BFLz5jz0DdhJNK01MFrMmA==</Base64Iv>
        </EncryptedValue>
      </Number>
    </CreditCardDetails>
  </CreditCards>
</MessageWithSecretData>
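An added check, not part of the sample or of NServiceBus: this Python script audits a queued message in the format shown above and reports any EncryptedString property that is in the clear, malformed, or shares an IV with another property. The names `audit`, `child`, `decode`, `SENSITIVE` and `BLOCK` are hypothetical, and the 16-byte block size is an assumption taken from the sample values on this page.

```python
import base64
import xml.etree.ElementTree as ET

BLOCK = 16  # assumption: 128-bit block cipher, consistent with the 16-byte IVs on this page
SENSITIVE = {"Secret", "Number"}  # the EncryptedString properties of the sample contract

# Two properties copied from the message on this page (namespaces already removed).
SAMPLE = """<MessageWithSecretData><Secret><EncryptedValue>
<EncryptedBase64Value>VOQk8pvlMdpdAgQiJldg2WZQCL86FxFMEd0VsTydOSw=</EncryptedBase64Value>
<Base64Iv>4OnlFC1WyhTmkDLyfOdnYQ==</Base64Iv></EncryptedValue></Secret>
<CreditCards><CreditCardDetails><ValidTo>2024-03-08T21:08:34.091063Z</ValidTo>
<Number><EncryptedValue><EncryptedBase64Value>Iv621YNDox3pd1zIbkeRrA==</EncryptedBase64Value>
<Base64Iv>VPrVGB888YmKhi8lgkNFtg==</Base64Iv></EncryptedValue></Number>
</CreditCardDetails></CreditCards></MessageWithSecretData>"""

def child(parent, name):
    """First direct child with this local name (XML namespace ignored), or None."""
    return next((c for c in parent if c.tag.rsplit("}", 1)[-1] == name), None)

def decode(parent, name):
    """Strictly base64-decode the named child; None if it is missing or invalid."""
    try:
        return base64.b64decode(child(parent, name).text.strip(), validate=True)
    except (AttributeError, ValueError):
        return None

def audit(xml_text):
    """Return a list of problems found in one serialized message."""
    problems, seen_ivs = [], set()
    for elem in ET.fromstring(xml_text).iter():
        name = elem.tag.rsplit("}", 1)[-1]
        if name not in SENSITIVE:
            continue
        enc = child(elem, "EncryptedValue")
        if enc is None:
            problems.append(f"{name}: no EncryptedValue, content is in the clear")
            continue
        data, iv = decode(enc, "EncryptedBase64Value"), decode(enc, "Base64Iv")
        if not data or len(data) % BLOCK:
            problems.append(f"{name}: ciphertext is not whole {BLOCK}-byte blocks")
        if iv is None or len(iv) != BLOCK:
            problems.append(f"{name}: IV is not {BLOCK} bytes")
        elif iv in seen_ivs:
            problems.append(f"{name}: IV reused within the message")
        else:
            seen_ivs.add(iv)
    return problems

if __name__ == "__main__":
    print(audit(SAMPLE) or "no problems found")
```

Fields that are not EncryptedString, such as ValidTo, are deliberately ignored by the check because the sample sends them in clear text.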