Fix encryption converters storage formats

Author: Eastrall

README.md

@@ -3,6 +3,7 @@
 [![.NET](https://github.com/Eastrall/EntityFrameworkCore.DataEncryption/actions/workflows/build.yml/badge.svg)](https://github.com/Eastrall/EntityFrameworkCore.DataEncryption/actions/workflows/build.yml)
 [![codecov](https://codecov.io/gh/Eastrall/EntityFrameworkCore.DataEncryption/branch/master/graph/badge.svg)](https://codecov.io/gh/Eastrall/EntityFrameworkCore.DataEncryption)
 [![Nuget](https://img.shields.io/nuget/v/EntityFrameworkCore.DataEncryption.svg)](https://www.nuget.org/packages/EntityFrameworkCore.DataEncryption)
+[![Nuget Downloads](https://img.shields.io/nuget/dt/EntityFrameworkCore.DataEncryption)](https://www.nuget.org/packages/EntityFrameworkCore.DataEncryption)
 
 `EntityFrameworkCore.DataEncryption` is a [Microsoft Entity Framework Core](https://github.com/aspnet/EntityFrameworkCore) extension to add support of encrypted fields using built-in or custom encryption providers.
 
@@ -21,13 +22,13 @@ PM> Install-Package EntityFrameworkCore.DataEncryption
 
 ## How to use
 
-To use `EntityFrameworkCore.DataEncryption`, you will need to decorate your `string` properties of your entities with the `[Encrypted]` attribute and enable the encryption on the `ModelBuilder`. 
+To use `EntityFrameworkCore.DataEncryption`, you will need to decorate your `string` or `byte[]` properties of your entities with the `[Encrypted]` attribute and enable the encryption on the `ModelBuilder`. 
 
 To enable the encryption correctly, you will need to use an **encryption provider**, there is a list of the available providers:
 
 | Name | Class | Extra |
 |------|-------|-------|
-| [AES](https://docs.microsoft.com/en-US/dotnet/api/system.security.cryptography.aes?view=netcore-2.2) | [AesProvider](https://github.com/Eastrall/EntityFrameworkCore.DataEncryption/blob/master/src/EntityFrameworkCore.DataEncryption/Providers/AesProvider.cs) | Can use a 128bits, 192bits or 256bits key |
+| [AES](https://learn.microsoft.com/en-US/dotnet/api/system.security.cryptography.aes?view=net-6.0) | [AesProvider](https://github.com/Eastrall/EntityFrameworkCore.DataEncryption/blob/main/src/EntityFrameworkCore.DataEncryption/Providers/AesProvider.cs) | Can use a 128bits, 192bits or 256bits key |
 
 ### Example with `AesProvider`
 
@@ -71,21 +72,19 @@ The code bellow creates a new `AesEncryption` provider and gives it to the curre
 
 ## Create an encryption provider
 
-> :warning: This section is outdated and doesn't work for V3.0.0 and will be updated soon.
-
 `EntityFrameworkCore.DataEncryption` gives the possibility to create your own encryption providers. To do so, create a new class and make it inherit from `IEncryptionProvider`. You will need to implement the `Encrypt(string)` and `Decrypt(string)` methods.
 
 ```csharp
 public class MyCustomEncryptionProvider : IEncryptionProvider
 {
-	public string Encrypt(string dataToEncrypt)
+	public byte[] Encrypt(byte[] input)
 	{
-		// Encrypt data and return as Base64 string
+		// Encrypt the given input and return the encrypted data as a byte[].
 	}
 
-	public string Decrypt(string dataToDecrypt)
+	public byte[] Decrypt(byte[] input)
 	{
-		// Decrypt a Base64 string to plain string
+		// Decrypt the given input and return the decrypted data as a byte[].
 	}
 }
 ```

samples/AesSample/Program.cs

@@ -27,7 +27,8 @@ static void Main()
             FirstName = "John",
             LastName = "Doe",
             Email = "[email protected]",
-            //Password = BuildPassword(),
+            EncryptedData = new byte[2] { 1, 2 },
+            EncryptedDataAsString = new byte[2] { 3, 4 }
         };
 
         context.Users.Add(user);
@@ -39,19 +40,4 @@ static void Main()
 
         Console.WriteLine($"User: {user.FirstName} {user.LastName} - {user.Email}");
     }
-
-    static SecureString BuildPassword()
-    {
-        SecureString result = new();
-        result.AppendChar('L');
-        result.AppendChar('e');
-        result.AppendChar('t');
-        result.AppendChar('M');
-        result.AppendChar('e');
-        result.AppendChar('I');
-        result.AppendChar('n');
-        result.AppendChar('!');
-        result.MakeReadOnly();
-        return result;
-    }
 }

samples/AesSample/UserEntity.cs

@@ -1,7 +1,6 @@
 using System;
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
-using System.Security;
 
 namespace AesSample;
 
@@ -21,5 +20,12 @@ public class UserEntity
     [Encrypted]
     public string Email { get; set; }
 
-    //public SecureString Password { get; set; }
+    [Required]
+    [Encrypted]
+    public byte[] EncryptedData { get; set; }
+
+    [Required]
+    [Encrypted(StorageFormat.Base64)]
+    [Column(TypeName = "VARCHAR(MAX)")]
+    public byte[] EncryptedDataAsString { get; set; }
 }

src/EntityFrameworkCore.DataEncryption/ModelBuilderExtensions.cs

@@ -65,22 +65,22 @@ private static ValueConverter GetValueConverter(Type propertyType, IEncryptionPr
         {
             return storageFormat switch
             {
-                StorageFormat.Default or StorageFormat.Base64 => new EncryptionConverter<string, string>(encryptionProvider, storageFormat),
-                StorageFormat.Binary => new EncryptionConverter<string, byte[]>(encryptionProvider, storageFormat),
+                StorageFormat.Default or StorageFormat.Base64 => new EncryptionConverter<string, string>(encryptionProvider, StorageFormat.Base64),
+                StorageFormat.Binary => new EncryptionConverter<string, byte[]>(encryptionProvider, StorageFormat.Binary),
                 _ => throw new NotImplementedException()
             };
         }
         else if (propertyType == typeof(byte[]))
         {
             return storageFormat switch
             {
-                StorageFormat.Default or StorageFormat.Binary => new EncryptionConverter<byte[], byte[]>(encryptionProvider, storageFormat),
-                StorageFormat.Base64 => new EncryptionConverter<byte[], string>(encryptionProvider, storageFormat),
+                StorageFormat.Default or StorageFormat.Binary => new EncryptionConverter<byte[], byte[]>(encryptionProvider, StorageFormat.Binary),
+                StorageFormat.Base64 => new EncryptionConverter<byte[], string>(encryptionProvider, StorageFormat.Base64),
                 _ => throw new NotImplementedException()
             };
         }
 
-        return null;
+        throw new NotImplementedException($"Type {propertyType.Name} does not support encryption.");
     }
 
     private static IEnumerable<EncryptedProperty> GetEntityEncryptedProperties(IMutableEntityType entity)

test/EntityFrameworkCore.DataEncryption.Test/Context/BookEntity.cs

@@ -25,6 +25,10 @@ public sealed class BookEntity
     [ForeignKey(nameof(AuthorId))]
     public AuthorEntity Author { get; set; }
 
+    [Encrypted(StorageFormat.Base64)]
+    [Column(TypeName = "TEXT")]
+    public byte[] Content { get; set; }
+
     public BookEntity(string name, int numberOfPages)
     {
         Name = name;

test/EntityFrameworkCore.DataEncryption.Test/ModelBuilderExtensionsTest.cs

@@ -0,0 +1,57 @@
+using Microsoft.EntityFrameworkCore.DataEncryption;
+using Microsoft.EntityFrameworkCore.DataEncryption.Providers;
+using Microsoft.EntityFrameworkCore.DataEncryption.Test.Context;
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+using Xunit;
+
+namespace Microsoft.EntityFrameworkCore.Encryption.Test;
+
+public class ModelBuilderExtensionsTest
+{
+    private class InvalidPropertyEntity
+    {
+        [Key]
+        [DatabaseGenerated(DatabaseGeneratedOption.Identity)]
+        public int Id { get; set; }
+
+        [Encrypted]
+        public string Name { get; set; }
+
+        [Encrypted]
+        public int Age { get; set; }
+    }
+
+    private class InvalidPropertyDbContext : DbContext
+    {
+        private readonly IEncryptionProvider _encryptionProvider;
+
+        public DbSet<InvalidPropertyEntity> InvalidEntities { get; set; }
+
+        public InvalidPropertyDbContext(DbContextOptions options)
+        : base(options)
+        { }
+
+        public InvalidPropertyDbContext(DbContextOptions options, IEncryptionProvider encryptionProvider = null)
+            : base(options)
+        {
+            _encryptionProvider = encryptionProvider;
+        }
+        protected override void OnModelCreating(ModelBuilder modelBuilder)
+        {
+            modelBuilder.UseEncryption(_encryptionProvider);
+        }
+    }
+
+    [Fact]
+    public void UseEncryptionWithUnsupportedTypeTest()
+    {
+        AesKeyInfo encryptionKeyInfo = AesProvider.GenerateKey(AesKeySize.AES256Bits);
+        var provider = new AesProvider(encryptionKeyInfo.Key, encryptionKeyInfo.IV);
+
+        using var contextFactory = new DatabaseContextFactory();
+
+        Assert.Throws<NotImplementedException>(() => contextFactory.CreateContext<InvalidPropertyDbContext>(provider));
+    }
+}

test/EntityFrameworkCore.DataEncryption.Test/Providers/AesProviderTest.cs

@@ -138,7 +138,6 @@ private static void ExecuteAesEncryptionTest<TContext>(AesKeySize aesKeyType) wh
         var provider = new AesProvider(encryptionKeyInfo.Key, encryptionKeyInfo.IV, CipherMode.CBC, PaddingMode.Zeros);
         var author = new AuthorEntity("John", "Doe", 42)
         {
-            //Password = DataHelper.RandomSecureString(10),
             Books = new List<BookEntity>
             {
                 new("Lorem Ipsum", 300),