0

The purpose is to intercept queries to and from the database where if a certain column is detected it would encrypt/decrypt the value, for example an SSN column. We're using EF6 with Devart MySQL. I've been able to use the method "ReaderExecuting" DB Interceptor of EF but stuck on what the basis to decide to do the encryption/decryption on the value of a parameter:

enter image description here

As you can see, the command text is there and the collection of parameters, but what should I need to configure in order to connect the parameter to the db context column? And maybe even get the custom attributes set for that column?

Followed this guide: https://learn.microsoft.com/en-us/aspnet/mvc/overview/getting-started/getting-started-with-ef-using-mvc/connection-resiliency-and-command-interception-with-the-entity-framework-in-an-asp-net-mvc-application

johnsabre
  • 355
  • 2
  • 7
  • Would it be easier to encrypt the value when assigning it to the EF entity? – gunr2171 Mar 07 '22 at 15:22
  • @gunr2171, we want it to be not explicitly done for two reasons: one is that there will be so many places where it would be to encrypt/decrypt the values. Second reason is to avoid value being un-encrypted say a dev forgot or there's a new dev who didn't know about it. – johnsabre Mar 07 '22 at 15:45
  • 1
    We recommend performing this task not at ADO.NET and SQL level, where there is no longer information about objects and their properties, but at the EF level, where all this information is. A good example of solving such a problem is described here https://stackoverflow.com/a/38934598 - it is implemented using attributes, but this is not necessary - if the number of classes and/or columns requiring encryption is small, or the column/property names are specific and unique , then you can hardcode. – Devart May 03 '22 at 16:23

0 Answers0