0

I have enabled encryption for my RabbitMQ bus as per MassTransit documentation:

bus = Bus.Factory.CreateUsingRabbitMq(rabbit =>
{
    rabbit.Durable = true;
    
    rabbit.Host(new Uri(settings.ServerUri), h =>
    {
        h.Username(settings.Username);
        h.Password(settings.Password);
    });

    rabbit.ClearMessageDeserializers();
    rabbit.UseEncryption(Convert.FromBase64String("..."));

    ...
});

I have also added subscription for a routing slip completed event:

var builder = new RoutingSlipBuilder(NewId.NextGuid());
builder.AddActivity(...);
await builder.AddSubscription(queueUri, RoutingSlipEvents.Completed,
                x => x.Send<xxxRoutingSlipCompleted>(new { ctx.Data.CorrelationId }));

While all other messages get encrypted as expected, routing slip events get sent in plain text (as can be seen in RabbitMQ queue) and result in the following exception:

System.Runtime.Serialization.SerializationException: 
No deserializer was registered for the message content type: application/vnd.masstransit+json.
Supported content types include application/vnd.masstransit.v2+aes 
at MassTransit.Serialization.SupportedMessageDeserializers.Deserialize(ReceiveContext receiveContext) 
at MassTransit.Pipeline.Filters.DeserializeFilter.Send(ReceiveContext context, IPipe`1 next) 
at GreenPipes.Filters.RescueFilter`2.GreenPipes.IFilter<TContext>.Send(TContext context, IPipe`1 next)

Is there some additional configuration that needs to be applied to routing slips (I can't see anything relevant on the ISendEndpoint interface) or is this a bug in MassTransit?

IvanD
  • 1
  • Is the same serializer configuration applied to the endpoints hosting the routing slip activities? That's where the events are produced, which seem to currently be serializing using the default JSON serializer. – Chris Patterson Jun 15 '21 at 12:51
  • I thought that enabling encryption on the bus level would be global, but I also invoked the same code (ClearMessageDeserializers/UseEncryption) against the same instances of IReceiveEndpointConfigurator that were used to configure the activity (eg ConfigureActivityExecute, ConfigureExecuteActivity, ConfigureActivityCompensate) and and it didn't fix the issue. Is there a separate endpoint for the events that needs to be explicitly configured as well? – IvanD Jun 15 '21 at 13:05
  • You might need to leave the JSON deserializer in place, I think the events are published using JSON since it transforms the event for the subscription. – Chris Patterson Jun 15 '21 at 13:25
  • "I think the events are published using JSON" - so it is not possible to have the events encrypted and they are always published in plain json? Or am I misreading this? – IvanD Jun 15 '21 at 13:42
  • That's what I'm saying, yes. For subscriptions, at least. – Chris Patterson Jun 15 '21 at 13:43
  • @ChrisPatterson Hi Chris, I've been going through the MassTransit source code in the past couple of days and I think I found where this issue potentially resides. In RoutingSlipEventPublisher.cs there is the following line: var adapter = new MessageEnvelopeContextAdapter(null, subscription.Message, JsonMessageSerializer.ContentTypeHeaderValue, message);. MessageEnvelopeContextAdapter is hardcoded to use json serialization but I can't really see any reason it can't use a crypto serializer there if necessary. Could you please confirm you still believe it is a feature and not a bug? Thanks. – IvanD Jun 24 '21 at 23:52
  • Well, the events are transformed using the JSON serializer, so I'm not sure how you'd get from transformed JSON to the encrypted format based upon the configured serializer. It's more of a limitation, and not a priority for me. You're welcome to come up with a solution and submit a PR. – Chris Patterson Jun 24 '21 at 23:57
  • I am of course not familiar enough with the MT internals, but I thought that that code was the final hop that delivers the event to the consumer endpoint, so it is only a matter of serializing the message envelope to the transport and everything was in json prior to that. I also thought that message encryption only affects what gets sent to the broker, and is transparent for everything else, so if EnvelopeMessageSerializer was to use a crypto serializer and the receiving endpoint was configured to use a crypto deserializer it would just work. Am I misunderstanding all of this? – IvanD Jun 25 '21 at 00:21

0 Answers0