Encryption of lists and fields are now supported.

Closes #625

Author: andreasohlund

Samples/Encryption/Client/Client.cs

@@ -4,6 +4,7 @@
 
 namespace Client
 {
+    using System.Collections.Generic;
     using NServiceBus.Encryption.Config;
 
     public class EndpointConfig : IConfigureThisEndpoint, AsA_Client {}
@@ -12,8 +13,8 @@ public class SecurityConfig : IWantCustomInitialization
     {
         public void Init()
         {
-            Configure.Instance.RijndaelEncryptionService()
-             .DisableCompatibilityWithNSB2();//remove this line if you need to be compatible with a 2.X server
+            Configure.Instance.RijndaelEncryptionService();
+             //.DisableCompatibilityWithNSB2();//uncomment this line to turn off compatibility with2.X endpoints
         }
     }
 
@@ -28,6 +29,11 @@ public void Run()
                                                     {
                                                         m.Secret = "betcha can't guess my secret";
                                                         m.SubProperty = new MySecretSubProperty {Secret = "My sub secret"};
+                                                        m.CreditCards = new List<CreditCardDetails>
+                                                                                  {
+                                                                                      new CreditCardDetails{ValidTo = DateTime.UtcNow.AddYears(1), Number = "312312312312312"},
+                                                                                      new CreditCardDetails{ValidTo = DateTime.UtcNow.AddYears(2), Number = "543645546546456"}
+                                                                                  };
                                                     });
             }
         }

Samples/Encryption/Messages/MessageWithSecretData.cs

@@ -1,12 +1,21 @@
 using NServiceBus;
 
 namespace Messages
-{
+{
+    using System;
+    using System.Collections.Generic;
+
     public class MessageWithSecretData : IMessage
     {
         public WireEncryptedString Secret { get; set; }
         public MySecretSubProperty SubProperty{ get; set; }
-        
+        public List<CreditCardDetails> CreditCards { get; set; }
+    }
+
+    public class CreditCardDetails
+    {
+        public DateTime ValidTo { get; set; }
+        public WireEncryptedString Number { get; set; }
     }
 
     public class MySecretSubProperty

Samples/Encryption/Server/Server.cs

@@ -1,24 +1,32 @@
-using System;
-using Messages;
-using NServiceBus;
-
-namespace Server
-{
-    public class EndpointConfig : IConfigureThisEndpoint, AsA_Server, IWantCustomInitialization
-    {
-        public void Init()
-        {
-            Configure.With()
-                .StructureMapBuilder()
-                .RijndaelEncryptionService();
-        }
-    }
-
-    public class Handler : IHandleMessages<MessageWithSecretData>
-    {
-        public void Handle(MessageWithSecretData message)
-        {
-            Console.WriteLine("I know your secret - it's '" + message.Secret + "'. And the subsecret is: " + message.SubProperty.Secret );
-        }
-    }
-}
+using System;
+using Messages;
+using NServiceBus;
+
+namespace Server
+{
+    public class EndpointConfig : IConfigureThisEndpoint, AsA_Server, IWantCustomInitialization
+    {
+        public void Init()
+        {
+            Configure.With()
+                .StructureMapBuilder()
+                .RijndaelEncryptionService();
+        }
+    }
+
+    public class Handler : IHandleMessages<MessageWithSecretData>
+    {
+        public void Handle(MessageWithSecretData message)
+        {
+            Console.Out.WriteLine("I know your secret - it's '" + message.Secret + "'");
+
+            if (message.SubProperty != null)
+                Console.Out.WriteLine("SubSecret: " + message.SubProperty.Secret);
+
+
+            if (message.CreditCards != null)
+                foreach (var creditCard in message.CreditCards)
+                    Console.Out.WriteLine("CreditCard: {0} is valid to {1}", creditCard.Number.Value, creditCard.ValidTo);
+        }
+    }
+}

src/encryption/NServiceBus.Encryption/EncryptionMessageMutator.cs

@@ -5,6 +5,7 @@
 
 namespace NServiceBus.Encryption
 {
+    using System.Collections;
     using System.Collections.Concurrent;
     using System.Collections.Generic;
     using System.Reflection;
@@ -19,45 +20,74 @@ public class EncryptionMessageMutator : IMessageMutator
 
         public object MutateOutgoing(object message)
         {
-            EncryptObject(message);
+            ForEachMember(message, EncryptMember, IsEncryptedMember);
+
             return message;
         }
 
-        void EncryptObject(object target)
+
+        public object MutateIncoming(object message)
         {
-            var properties = GetAllProperties(target);
+            ForEachMember(message, DecryptMember, IsEncryptedMember);
+            return message;
+        }
+
+        bool IsEncryptedMember(MemberInfo arg)
+        {
+            if (arg is PropertyInfo)
+                return ((PropertyInfo)arg).IsEncryptedProperty();
+
+            if (arg is FieldInfo)
+                return ((FieldInfo)arg).FieldType == typeof(WireEncryptedString);
+
+            return false;
 
-            foreach (var property in properties)
+        }
+        void ForEachMember(object root, Action<object, MemberInfo> action, Func<MemberInfo, bool> appliesTo)
+        {
+            if (root == null || visitedMembers.Contains(root))
+                return;
+
+            visitedMembers.Add(root);
+
+            var members = GetFieldsAndProperties(root);
+
+            foreach (var member in members)
             {
-                if (property.IsEncryptedProperty())
-                {
-                    EncryptProperty(target, property);
-                    continue;
-                }
 
-                if (property.PropertyType.IsPrimitive || IsSystemType(property.PropertyType))
+                if (appliesTo(member))
+                    action(root, member);
+
+                //don't recurse over primitives and system types
+                if (member.ReflectedType.IsPrimitive || member.ReflectedType.IsSystemType())
                     continue;
 
-                //recurse
-                EncryptObject(property.GetValue(target, null));
+                var child = member.GetValue(root);
+
+                if (child is IEnumerable)
+                    foreach (var item in (IEnumerable)child)
+                        ForEachMember(item, action, appliesTo);
+                else
+                    ForEachMember(child, action, appliesTo);
             }
         }
 
-        void EncryptProperty(object target, PropertyInfo encryptedProperty)
+
+        void EncryptMember(object target, MemberInfo member)
         {
-            var valueToEncrypt = encryptedProperty.GetValue(target, null);
+            var valueToEncrypt = member.GetValue(target);
 
             if (valueToEncrypt == null)
                 return;
 
             if (EncryptionService == null)
                 throw new InvalidOperationException(
                     String.Format("Cannot encrypt field {0} because no encryption service was configured.",
-                                  encryptedProperty.Name));
+                                  member.Name));
 
             if (valueToEncrypt is WireEncryptedString)
             {
-                var encryptedString = (WireEncryptedString) valueToEncrypt;
+                var encryptedString = (WireEncryptedString)valueToEncrypt;
                 EncryptWireEncryptedString(encryptedString);
 
                 if (!ConfigureEncryption.EnsureCompatibilityWithNSB2)
@@ -69,50 +99,17 @@ void EncryptProperty(object target, PropertyInfo encryptedProperty)
             }
             else
             {
-                encryptedProperty.SetValue(target, EncryptUserSpecifiedProperty(valueToEncrypt), null);
+                member.SetValue(target, EncryptUserSpecifiedProperty(valueToEncrypt));
             }
 
-            Log.Debug(encryptedProperty.Name + " encrypted successfully");
-        }
-
-
-        public object MutateIncoming(object message)
-        {
-            DecryptObject(message);
-            return message;
+            Log.Debug(member.Name + " encrypted successfully");
         }
 
-        void DecryptObject(object target)
-        {
-            var properties = GetAllProperties(target);
-
-            foreach (var property in properties)
-            {
-                if (property.IsEncryptedProperty())
-                {
-                    DecryptProperty(target, property);
-                    continue;
-                }
-
-                if (property.PropertyType.IsPrimitive || IsSystemType(property.PropertyType))
-                    continue;
-
-                //recurse
-                DecryptObject(property.GetValue(target, null));
-            }
-        }
 
-        bool IsSystemType(Type propertyType)
+        void DecryptMember(object target, MemberInfo property)
         {
-            var nameOfContainingAssembly = propertyType.Assembly.FullName.ToLower();
 
-            return nameOfContainingAssembly.StartsWith("mscorlib") || nameOfContainingAssembly.StartsWith("system.core");
-        }
-
-        void DecryptProperty(object target, PropertyInfo property)
-        {
-          
-            var encryptedValue = property.GetValue(target, null);
+            var encryptedValue = property.GetValue(target);
 
             if (encryptedValue == null)
                 return;
@@ -122,10 +119,10 @@ void DecryptProperty(object target, PropertyInfo property)
                     String.Format("Cannot decrypt field {0} because no encryption service was configured.", property.Name));
 
             if (encryptedValue is WireEncryptedString)
-                Decrypt((WireEncryptedString) encryptedValue);
+                Decrypt((WireEncryptedString)encryptedValue);
             else
             {
-                property.SetValue(target, DecryptUserSpecifiedProperty(encryptedValue), null);
+                property.SetValue(target, DecryptUserSpecifiedProperty(encryptedValue));
             }
 
             Log.Debug(property.Name + " decrypted successfully");
@@ -149,6 +146,9 @@ string DecryptUserSpecifiedProperty(object encryptedValue)
 
         void Decrypt(WireEncryptedString encryptedValue)
         {
+            if (encryptedValue.EncryptedValue == null)
+                throw new InvalidOperationException("Encrypted property is missing encryption data");
+
             encryptedValue.Value = EncryptionService.Decrypt(encryptedValue.EncryptedValue);
         }
 
@@ -170,21 +170,56 @@ void EncryptWireEncryptedString(WireEncryptedString wireEncryptedString)
             wireEncryptedString.Value = null;
 
         }
-        static IEnumerable<PropertyInfo> GetAllProperties(object target)
+        static IEnumerable<MemberInfo> GetFieldsAndProperties(object target)
         {
             if (target == null)
-                return new List<PropertyInfo>();
+                return new List<MemberInfo>();
 
             var messageType = target.GetType();
 
             if (!cache.ContainsKey(messageType))
-                cache[messageType] = messageType.GetProperties()
+                cache[messageType] = messageType.GetMembers(BindingFlags.Public | BindingFlags.Instance)
+                  .Where(m => m is FieldInfo || m is PropertyInfo)
                  .ToList();
 
             return cache[messageType];
         }
-        readonly static IDictionary<Type, IEnumerable<PropertyInfo>> cache = new ConcurrentDictionary<Type, IEnumerable<PropertyInfo>>();
+
+        readonly HashSet<object> visitedMembers = new HashSet<object>();
+
+        readonly static IDictionary<Type, IEnumerable<MemberInfo>> cache = new ConcurrentDictionary<Type, IEnumerable<MemberInfo>>();
 
         readonly static ILog Log = LogManager.GetLogger(typeof(IEncryptionService));
     }
+
+
+    public static class TypeExtensions
+    {
+        public static bool IsSystemType(this Type propertyType)
+        {
+            var nameOfContainingAssembly = propertyType.Assembly.FullName.ToLower();
+
+            return nameOfContainingAssembly.StartsWith("mscorlib") || nameOfContainingAssembly.StartsWith("system.core");
+        }
+    }
+
+    public static class MemberInfoExtensions
+    {
+        public static object GetValue(this MemberInfo member, object source)
+        {
+            if (member is FieldInfo)
+                return ((FieldInfo)member).GetValue(source);
+
+            return ((PropertyInfo)member).GetValue(source, null);
+        }
+
+        public static void SetValue(this MemberInfo member, object target, object value)
+        {
+            if (member is FieldInfo)
+                ((FieldInfo)member).SetValue(target, value);
+            else
+                ((PropertyInfo)member).SetValue(target, value, null);
+        }
+
+    }
 }

tests/encryption/NServiceBus.Encryption.Tests/ConventionBasedEncryptedStringSpecs.cs

@@ -15,7 +15,7 @@ public void Should_encrypt_the_value()
                               };
             mutator.MutateOutgoing(message);
 
-            Assert.AreEqual(string.Format("{0}@{1}", "encrypted value", "initialization_vector"), message.EncryptedSecret);
+            Assert.AreEqual(string.Format("{0}@{1}", "encrypted value", "init_vector"), message.EncryptedSecret);
         }
     }
     [TestFixture]
@@ -26,7 +26,7 @@ public void Should_encrypt_the_value()
         {
             var message = new ConventionBasedSecureMessage()
             {
-                EncryptedSecret = "encrypted_value@init_vector"
+                EncryptedSecret = "encrypted value@init_vector"
             };
             mutator.MutateIncoming(message);
 
@@ -56,18 +56,11 @@ public void Should_throw_an_exception()
     }
 
 
-    public class UserDefinedConventionContext
+    public class UserDefinedConventionContext : WireEncryptedStringContext
     {
-        protected EncryptionMessageMutator mutator;
-
         [SetUp]
         public void SetUp()
         {
-            mutator = new EncryptionMessageMutator
-            {
-                EncryptionService = new FakeEncryptionService("encrypted value")
-            };
-
             MessageConventionExtensions.IsEncryptedPropertyAction = (p) => p.Name.StartsWith("Encrypted");
         }
     }