This library is all about a plugin to Azure ServiceBus Messaging Library that enables you to apply message payload encryption. This will help protect a sensitive message payload by encrypting and decrypting the service bus message.
This library provides an Azure ServiceBus Plugin that allows you to,
- Encrypt the message payload right after the
Send
is invoked on the message publisher and just before sending the message on topic. - Decrypt the message payload right after the message is received by the subscriber and before the message is handed over to the subscriber function.
The package can be download from this link.
And here is the command for the package manager to install the package:
Install-Package ServiceBus.MessageEncryption
Here is a list of algorithms supported by the library,
Algorithm | Supported |
---|---|
Rijndael Managed aka Advanced Encryption Standard (AES) | YES |
In a typical implementation of Rijndael Managed Symmetric algorithm, we need 2 inputs for the algorithm to encrypt and decrypt any payload.
Key | Description |
---|---|
Cryptography Key/Passphrase | - Primary passphrase that defines the key used to encrypt or decrypt the payload - Key will always be converted to a 256 bits Base64 string |
Initialization Vector | - Another key used to randomize the blocks used in the encryption algorithm - Key must not exceed 64 bytes of a string |
The Message Sender can be registered with the plugin with the code below,
var sender = new MessageSender(connectionString, topicPath, RetryPolicy.Default);
sender.EnableRijndaelManagedEncryption(cryptoKey, initVectorKey);
Please note that the EnableRijndaelManagedEncryption()
can be used on a TopicClient
too. Snippet Source can be found here.
And the Message Receiver can be registered with the plugin with the code below,
var receiver = new MessageReceiver(connectionString, subscriptionPath, ReceiveMode.PeekLock, RetryPolicy.Default);
receiver.EnableRijndaelManagedEncryption(cryptoKey, initVectorKey);
Please note that the EnableRijndaelManagedEncryption()
can be used on a SubscriptionClient
too. Snippet Source can be found here.