Поиск  
Always will be ready notify the world about expectations as easy as possible: job change page
Jun 15, 2021

Encrypt your database columns with EntityFramework & .NET Core

Автор:
Emre Kizildas
Источник:
Просмотров:
4380

Hi everyone, this article include encrypting your database columns with EntityFramework. Your database providers can be MSSQL or PostgreSQL.

Considering that some database columns contain confidential data, it is of great importance that the data is encrypted in case of capture of our database.

In this article, it will be ensured that your “string” type data is kept encrypted in the database and can be displayed automatically by decrypting the relevant data when you want to use it.

Let’s Create a Project

In this step, let’s create a simple console application regardless of the requirements of any architectural approach.

After naming the project, let’s create it by choosing the “.Net 5.0” version of the project.

Let’s Install NuGet Packages

Let’s install the following NuGet packages to use in our project:

  • Microsoft.EntityFrameworkCore
  • Microsoft.EntityFrameworkCore.Design
  • Microsoft.EntityFrameworkCore.Tools
  • Npgsql.EntityFrameworkCore.PostgreSQL
  • EntityFrameworkCore.EncryptColumn

The .csproj file of the project will look like this:

Let’s Create Database Object and Table

Let’s create a folder named “Entity” in our project and create a class named “User” in it. You can create your “User” class as follows:

Then, in order to make this class a database table, let’s create a folder named “Context” in our project and create a class called “ExampleDbContext” inside it. This class should be created to inherit the “DbContext” class.

With some additional improvements, you can create a table named “Users” and automatically create the “ID” parameter in this table. Then, let’s apply our migration commands to make these codes into a table in the database.

Let’s run the “Add-Migration initialize” command over the “Package Manager Console”, then run the “update-database” command to make our database ready.

If the following error is received during these commands, a SQL script must be run:

CREATE TABLE IF NOT EXISTS "encryptexample"."__EFMigrationsHistory" (
"MigrationId" varchar(150) NOT NULL,
"ProductVersion" varchar(32) NOT NULL,
CONSTRAINT "PK___EFMigrationsHistory" PRIMARY KEY ("MigrationId")
);

When you set up your database correctly, you should get the screenshot below:

Determining Columns to Encrypt and Database Configuration

You need to use attribute as below for the columns you want to keep the data encrypted on your database. The “EncryptColumn” parameter in the “EntityFrameworkCore.EncryptColumn.Attribute” class will be used.

After determining the columns to be encrypted in our table, we can configure the database.

  • A parameter is created by using the “IEncryptionProvider” interface in the “ExampleDbContext” class.
  • We determine our encryption key in the constructor method of the “ExampleDbContext” class. Then we create our encryption provider.
  • Finally, we indicate that we will use the encryption provider within the “OnModelCreating” method.

modelBuilder.UseEncryption(this._provider);

The display of the “ExampleDbContext” class will finally look like this:

Data Adding and Listing

Let’s add a row to the “Users” table in our database for testing purposes in the “Program.cs” class. Next, let’s list the user we added.

The console screen that appears when we run this program is as follows:

As you know, we defined the “IdentityNumber” and “EmailAddress” columns as encrypted. The image of these fields in the database is as follows:

You can now use the “EncryptColumn” attribute for the columns you want in your database, so that the relevant column is stored with encrypted data in the database.

From the link below to the source code of the project:

EntityFrameworkCore.EncryptColumn.Example

Похожее
Jun 1
Author: Akalanka Dissanayake
In the second part of our series, the focus shifts towards validating the security and reliability of our ASP.NET 8 Web API through comprehensive integration testing. Integration testing plays a critical role in ensuring that our authentication mechanisms work as...
Jan 29
Author: Alex Maher
Performance tricks & best practices, beginner friendly Hey there! Today, I’m sharing some straightforward ways to speed up your .NET Core apps. No fancy words, just simple stuff that works. Let’s dive in! • • • 1. Asynchronous programming Asynchronous...
Apr 28, 2022
Author: Lucas Diogo
Day-to-day tips I use to develop APIs. Every day we need to develop new APIs, whether at work or for study purposes, and some features can help us with the use of good practices in a simple way. And through...
Aug 15, 2023
Whether you have an app with just a few users or millions of users per day, like Agoda, improving the user experience by optimizing application performance is always crucial. In the case of very high-traffic websites in the cloud, this...
Написать сообщение
Тип
Почта
Имя
*Сообщение
RSS
Если вам понравился этот сайт и вы хотите меня поддержать, вы можете
Чем CRM отличается от ERP
Что должен уметь Frontend разработчик в 2023 году (+Roadmap)
Soft skills: 18 самых важных навыков, которыми должен владеть каждый работник
Идентификация, Аутентификация, Авторизация. В чем же разница?
10 продвинутых способов писать в консоль помимо console.log
Стили именования переменных и функций. Используйте их все
Как мы столкнулись с версионированием и осознали, что вариант «просто проставить цифры» не работает
C# и .NET: Blazor
Выгорание эволюционирует. Что такое «тихий уход» — новый тренд среди офисных сотрудников
Функции и хранимые процедуры в PostgreSQL: зачем нужны и как применять в реальных примерах
LinkedIn: Sergey Drozdov
Boosty
Donate to support the project
GitHub account
GitHub profile