Add fluent configuration support

Author: Eastrall

EntityFrameworkCore.DataEncryption.sln

@@ -29,6 +29,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "workflows", "workflows", "{
 		.github\workflows\build.yml = .github\workflows\build.yml
 	EndProjectSection
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AesSample.Fluent", "samples\AesSample.Fluent\AesSample.Fluent.csproj", "{CF04DE64-713F-4ED3-9C14-B7C11D22454C}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -47,6 +49,10 @@ Global
 		{8AA1E576-4016-4623-96C8-90330F05F9A8}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{8AA1E576-4016-4623-96C8-90330F05F9A8}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{8AA1E576-4016-4623-96C8-90330F05F9A8}.Release|Any CPU.Build.0 = Release|Any CPU
+		{CF04DE64-713F-4ED3-9C14-B7C11D22454C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{CF04DE64-713F-4ED3-9C14-B7C11D22454C}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{CF04DE64-713F-4ED3-9C14-B7C11D22454C}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{CF04DE64-713F-4ED3-9C14-B7C11D22454C}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -57,6 +63,7 @@ Global
 		{8AA1E576-4016-4623-96C8-90330F05F9A8} = {64C3D7D1-67B8-4070-AE67-C71B761535CC}
 		{EEF46CDC-C438-48FC-BEF7-83AEE26C63F7} = {3A8D800E-77BD-44EF-82DB-C672281ECAAA}
 		{4F549FEF-C57B-4A34-A2C7-8A632762DF85} = {EEF46CDC-C438-48FC-BEF7-83AEE26C63F7}
+		{CF04DE64-713F-4ED3-9C14-B7C11D22454C} = {64C3D7D1-67B8-4070-AE67-C71B761535CC}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {4997BAE9-29BF-4D79-AE5E-5605E7A0F049}

samples/AesSample.Fluent/AesSample.Fluent.csproj

@@ -0,0 +1,24 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+	<PropertyGroup>
+		<OutputType>Exe</OutputType>
+		<TargetFrameworks>net6.0;net5.0</TargetFrameworks>
+		<LangVersion>10</LangVersion>
+	</PropertyGroup>
+
+	<ItemGroup Condition="('$(TargetFramework)' == 'net5.0')">
+		<PackageReference Include="Microsoft.EntityFrameworkCore" Version="[5,)" />
+		<PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="[5,)" />
+		<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="[5,)" />
+	</ItemGroup>
+	<ItemGroup Condition="('$(TargetFramework)' == 'net6.0')">
+		<PackageReference Include="Microsoft.EntityFrameworkCore" Version="[6,)" />
+		<PackageReference Include="Microsoft.EntityFrameworkCore.Sqlite" Version="[6,)" />
+		<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="[6,)" />
+	</ItemGroup>
+
+	<ItemGroup>
+		<ProjectReference Include="..\..\src\EntityFrameworkCore.DataEncryption\EntityFrameworkCore.DataEncryption.csproj" />
+	</ItemGroup>
+
+</Project>

samples/AesSample.Fluent/DatabaseContext.cs

@@ -0,0 +1,35 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.EntityFrameworkCore.DataEncryption;
+using System.ComponentModel.DataAnnotations;
+
+namespace AesSample.Fluent;
+
+public class DatabaseContext : DbContext
+{
+    private readonly IEncryptionProvider _encryptionProvider;
+
+    public DbSet<UserEntity> Users { get; set; }
+
+    public DatabaseContext(DbContextOptions<DatabaseContext> options, IEncryptionProvider encryptionProvider)
+        : base(options)
+    {
+        _encryptionProvider = encryptionProvider;
+    }
+
+    protected override void OnModelCreating(ModelBuilder modelBuilder)
+    {
+        var userEntityBuilder = modelBuilder.Entity<UserEntity>();
+
+        userEntityBuilder.HasKey(x => x.Id);
+        userEntityBuilder.Property(x => x.Id).IsRequired().ValueGeneratedOnAdd();
+        userEntityBuilder.Property(x => x.FirstName).IsRequired();
+        userEntityBuilder.Property(x => x.LastName).IsRequired();
+        userEntityBuilder.Property(x => x.Email).IsRequired().IsEncrypted();
+        userEntityBuilder.Property(x => x.EncryptedData).IsRequired().IsEncrypted();
+        userEntityBuilder.Property(x => x.EncryptedDataAsString).IsRequired().HasColumnType("TEXT").IsEncrypted(StorageFormat.Base64);
+
+        modelBuilder.UseEncryption(_encryptionProvider);
+
+        base.OnModelCreating(modelBuilder);
+    }
+}

samples/AesSample.Fluent/Program.cs

@@ -0,0 +1,47 @@
+using Microsoft.Data.Sqlite;
+using Microsoft.EntityFrameworkCore.DataEncryption.Providers;
+using Microsoft.EntityFrameworkCore;
+using System;
+using System.Linq;
+
+namespace AesSample.Fluent;
+
+internal class Program
+{
+    static void Main(string[] args)
+    {
+        using SqliteConnection connection = new("DataSource=:memory:");
+        connection.Open();
+
+        var options = new DbContextOptionsBuilder<DatabaseContext>()
+            .UseSqlite(connection)
+            .Options;
+
+        // AES key randomly generated at each run.
+        AesKeyInfo keyInfo = AesProvider.GenerateKey(AesKeySize.AES256Bits);
+        byte[] encryptionKey = keyInfo.Key;
+        byte[] encryptionIV = keyInfo.IV;
+        var encryptionProvider = new AesProvider(encryptionKey, encryptionIV);
+
+        using var context = new DatabaseContext(options, encryptionProvider);
+        context.Database.EnsureCreated();
+
+        var user = new UserEntity
+        {
+            FirstName = "John",
+            LastName = "Doe",
+            Email = "[email protected]",
+            EncryptedData = new byte[2] { 1, 2 },
+            EncryptedDataAsString = new byte[2] { 3, 4 }
+        };
+
+        context.Users.Add(user);
+        context.SaveChanges();
+
+        Console.WriteLine($"Users count: {context.Users.Count()}");
+
+        user = context.Users.First();
+
+        Console.WriteLine($"User: {user.FirstName} {user.LastName} - {user.Email}");
+    }
+}

samples/AesSample.Fluent/UserEntity.cs

@@ -0,0 +1,18 @@
+using System;
+
+namespace AesSample.Fluent;
+
+public class UserEntity
+{
+    public Guid Id { get; set; }
+
+    public string FirstName { get; set; }
+
+    public string LastName { get; set; }
+
+    public string Email { get; set; }
+
+    public byte[] EncryptedData { get; set; }
+    
+    public byte[] EncryptedDataAsString { get; set; }
+}

samples/AesSample/AesSample.csproj

@@ -1,10 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
-  <PropertyGroup>
-    <OutputType>Exe</OutputType>
-    <TargetFrameworks>net5.0;net6.0</TargetFrameworks>
-	  <LangVersion>10</LangVersion>
-  </PropertyGroup>
+	<PropertyGroup>
+		<OutputType>Exe</OutputType>
+		<TargetFrameworks>net5.0;net6.0</TargetFrameworks>
+		<LangVersion>10</LangVersion>
+	</PropertyGroup>
 
 	<ItemGroup Condition="('$(TargetFramework)' == 'net5.0')">
 		<PackageReference Include="Microsoft.EntityFrameworkCore" Version="[5,)" />
@@ -17,8 +17,8 @@
 		<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="[6,)" />
 	</ItemGroup>
 
-  <ItemGroup>
-    <ProjectReference Include="..\..\src\EntityFrameworkCore.DataEncryption\EntityFrameworkCore.DataEncryption.csproj" />
-  </ItemGroup>
+	<ItemGroup>
+		<ProjectReference Include="..\..\src\EntityFrameworkCore.DataEncryption\EntityFrameworkCore.DataEncryption.csproj" />
+	</ItemGroup>
 
 </Project>

samples/AesSample/Program.cs

@@ -1,17 +1,20 @@
-using Microsoft.EntityFrameworkCore;
+using Microsoft.Data.Sqlite;
+using Microsoft.EntityFrameworkCore;
 using Microsoft.EntityFrameworkCore.DataEncryption.Providers;
 using System;
 using System.Linq;
-using System.Security;
 
 namespace AesSample;
 
 static class Program
 {
     static void Main()
     {
+        using SqliteConnection connection = new("DataSource=:memory:");
+        connection.Open();
+
         var options = new DbContextOptionsBuilder<DatabaseContext>()
-            .UseInMemoryDatabase(databaseName: "MyInMemoryDatabase")
+            .UseSqlite(connection)
             .Options;
 
         // AES key randomly generated at each run.
@@ -21,6 +24,7 @@ static void Main()
         var encryptionProvider = new AesProvider(encryptionKey, encryptionIV);
 
         using var context = new DatabaseContext(options, encryptionProvider);
+        context.Database.EnsureCreated();
 
         var user = new UserEntity
         {

samples/AesSample/UserEntity.cs

@@ -26,6 +26,6 @@ public class UserEntity
 
     [Required]
     [Encrypted(StorageFormat.Base64)]
-    [Column(TypeName = "VARCHAR(MAX)")]
+    [Column(TypeName = "TEXT")]
     public byte[] EncryptedDataAsString { get; set; }
 }

src/EntityFrameworkCore.DataEncryption/Internal/EncryptionConverter.cs

@@ -54,9 +54,7 @@ private static TModel Decrypt<TInput, TOupout>(TProvider input, IEncryptionProvi
             StorageFormat.Default or StorageFormat.Base64 => Convert.FromBase64String(input.ToString()),
             _ => input as byte[]
         };
-
         byte[] decryptedRawBytes = encryptionProvider.Decrypt(inputData);
-
         object decryptedData = null;
 
         if (destinationType == typeof(string))

src/EntityFrameworkCore.DataEncryption/Internal/PropertyAnnotations.cs

@@ -0,0 +1,7 @@
+namespace Microsoft.EntityFrameworkCore.DataEncryption.Internal;
+
+internal class PropertyAnnotations
+{
+    public const string IsEncrypted = "Microsoft.EntityFrameworkCore.DataEncryption.IsEncrypted";
+    public const string StorageFormat = "Microsoft.EntityFrameworkCore.DataEncryption.StorageFormat";
+}