Newtonsoft Json Encryption

Component: Newtonsoft Encryption
NuGet Package NServiceBus.Newtonsoft.Encryption (1.x)
This is a community run project
Target NServiceBus Version: 6.x

This sample leverages the NServiceBus.Newtonsoft.Encryption extension to encrypt specific nodes of a serialized message. Encryption is done using the extension points of Json.NET, and as such is more efficient (in terms of memory and CPU) than the Message Property Encryption component.

Run the solution.

Two console applications will start up.

Endpoint1

Which outputs

MessageWithSecretData sent.

Endpoint2

Which outputs

I know the secret - it's 'betcha can't guess my secret'
SubSecret: My sub secret
CreditCard: 312312312312312 is valid to 3/11/2015 5:21:59 AM
CreditCard: 543645546546456 is valid to 3/11/2016 5:21:59 AM

Code walk-through

The message contract

Starting with the Shared project, open the MessageWithSecretData.cs file and look at the following code:

public class MessageWithSecretData :
    IMessage
{
    [Encrypt]
    public string Secret;
    public MySecretSubProperty SubProperty;
    public List<CreditCardDetails> CreditCards;
}

public class MySecretSubProperty
{
    [Encrypt]
    public string Secret;
}

public class CreditCardDetails
{
    public DateTime ValidTo;
    [Encrypt]
    public string Number;
}

Encryption configuration

Open either one of the Program.cs files and notice the line:

endpointConfiguration.ConfigurationEncryption();

This code indicates that encryption should be enabled.

The key is then configured in the EncryptionExtensions.cs file using:

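public static void ConfigurationEncryption(this EndpointConfiguration endpointConfiguration)
{
    // Sample only: the 32 UTF-8 bytes of this string form a 256-bit key that is
    // hard-coded in source. A real endpoint should load its key from a protected store.
    var key = Encoding.UTF8.GetBytes("gdDbqRpqdRbTs3mhdZh9qCaDaxJXl+e6");
    var serialization = endpointConfiguration.UseSerialization<NewtonsoftSerializer>();
    var encryptionFactory = new EncryptionFactory();
    // The contract resolver is the Json.NET extension point that handles [Encrypt] members.
    serialization.Settings(
        new JsonSerializerSettings
        {
            ContractResolver = encryptionFactory.GetContractResolver()
        });

    endpointConfiguration.EnableJsonEncryption(
        encryptionFactory: encryptionFactory,
        // No IV is set here, so RijndaelManaged generates a random one for each new instance.
        encryptStateBuilder: () =>
            (
            algorithm: new RijndaelManaged
            {
                Key = key
            },
            keyId: "1"
            ),
        // Decryption uses the same key together with the IV passed in for the message.
        decryptStateBuilder: (keyId, initVector) =>
            new RijndaelManaged
            {
                Key = key,
                IV = initVector
            });
}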

The message on the wire

Now run Endpoint1 on its own (i.e. don't start Endpoint2).

Open the .learningtransport folder for Samples.Encryption.Endpoint2 and view the message content.

The message will look like this:

{
   "Secret":"L6sv2UjRckKcO5sYgeLTtOZSM9XEVzjKMgL8HkAqp4s=",
   "SubProperty":{
      "Secret":"QyQCkTOYtpFYVOo7XH8cEw=="
   },
   "CreditCards":[
      {
         "ValidTo":"2018-09-27T13:23:40.0659704Z",
         "Number":"Ne3i4KW+1o99XqowLpy8fw=="
      },
      {
         "ValidTo":"2019-09-27T13:23:40.0659704Z",
         "Number":"GBHwR51fV/56ez2b9ZRfwg=="
      }
   ]
}
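
An added example (not part of the sample or of the NServiceBus.Newtonsoft.Encryption project): a Python check that the members marked [Encrypt] in the message contract appear on the wire as base64 whose decoded length is a whole number of 16-byte blocks, which is what RijndaelManaged produces with its default 128-bit block size. The path list, the function names and the UNENCRYPTED sample are assumptions made for this example, and the check is a shape heuristic, not proof that a value was encrypted.

```python
import base64
import binascii
import json

BLOCK = 16  # bytes; RijndaelManaged defaults to a 128-bit block
# JSON paths of the [Encrypt] members in the contract ("*" = any list index).
ENCRYPTED_PATHS = {("Secret",), ("SubProperty", "Secret"), ("CreditCards", "*", "Number")}

def leaves(node, path=()):
    """Yield (path, value) for every leaf value in the parsed JSON."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from leaves(value, path + (key,))
    elif isinstance(node, list):
        for item in node:
            yield from leaves(item, path + ("*",))
    else:
        yield path, node

def ciphertext_shaped(value):
    """True if value is strict base64 for one or more whole cipher blocks."""
    if not isinstance(value, str):
        return False
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return False
    return len(raw) > 0 and len(raw) % BLOCK == 0

def plaintext_leaks(message_json):
    """Return dotted paths of [Encrypt] members that are not ciphertext-shaped."""
    return [
        ".".join(path)
        for path, value in leaves(json.loads(message_json))
        if path in ENCRYPTED_PATHS and not ciphertext_shaped(value)
    ]

# The message body shown on this page.
ON_THE_WIRE = """{"Secret":"L6sv2UjRckKcO5sYgeLTtOZSM9XEVzjKMgL8HkAqp4s=",
 "SubProperty":{"Secret":"QyQCkTOYtpFYVOo7XH8cEw=="},
 "CreditCards":[{"ValidTo":"2018-09-27T13:23:40.0659704Z","Number":"Ne3i4KW+1o99XqowLpy8fw=="},
  {"ValidTo":"2019-09-27T13:23:40.0659704Z","Number":"GBHwR51fV/56ez2b9ZRfwg=="}]}"""

# Constructed sample: the same message as it would look with encryption not applied.
UNENCRYPTED = json.dumps({
    "Secret": "betcha can't guess my secret", "SubProperty": {"Secret": "My sub secret"},
    "CreditCards": [{"ValidTo": "2018-09-27T13:23:40Z", "Number": "312312312312312"}]})

if __name__ == "__main__":
    print(plaintext_leaks(ON_THE_WIRE), plaintext_leaks(UNENCRYPTED))
```

Run against the files in the .learningtransport folder, a non-empty result means a member marked [Encrypt] left the endpoint without being encrypted.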
