Getting started

Prerequisites

• The CYBERCRYPT D1 Generic service must be deployed and accessible. See the CYBERCRYPT D1 Generic README for more information.
• Entity Framework Core 6 must be referenced in the application.
• A supported database deployed.

Installation

The Entity Framework Core integration is available through nuget.org. The latest version can be installed using the following command:

dotnet add package CyberCrypt.D1.EntityFramework

Usage

Configue data context

The DbContext needs to be configured to use the D1 Generic integration, by overriding the OnModelCreating method:

using Microsoft.EntityFrameworkCore;
using CyberCrypt.D1.EntityFramework.EntityFramework;
using CyberCrypt.D1.Client;

public class DatabaseContext : DbContext
{
    private readonly Func<ID1Generic> clientFactory;

    public DbSet<Person> Persons { get; set; };

    // An D1 client is injected
    public DatabaseContext(Func<ID1Generic> clientFactory)
    {
        this.clientFactory = clientFactory;
    }

    protected override void OnModelCreating(ModelBuilder modelBuilder)
    {
        // The model is configured to encrypt and decrypt data based on data annotations
        modelBuilder.UseD1(clientFactory);
        base.OnModelCreating(modelBuilder);
    }
}

The example above uses the data annotations based approach, if you want to use the fluent API instead, please see the user manual.

Add data annotation to model

The final step is to add the Confidential data annotation to the model.

using Microsoft.EntityFrameworkCore;
using CyberCrypt.D1.EntityFramework.EntityFramework;

public class Person
{
    public int Id { get; set; }

    public string FirstName { get; set; }

    public string Surname { get; set; }

    [Confidential] // Confidential data annotation is added to the encrypted property
    public string SocialSecurityNumber { get; set; }
}

Storing data

Storing data, is done the same way as with the regular Entity Framework Core.

Before the data is sent to the database, it will be encrypted using the D1 service, without any additional steps.

var person = new Person { Firstname = "John", Surname = "Doe", SocialSecurityNumber = "123456789" };
await dbContext.Persons.AddAsync(person);
await dbContext.SaveChangesAsync();

Query data

Querying data is done the same way as with the regular Entity Framework Core.

When the data is received from the database, it will automatically be decrypted using the D1 service, you won't need to do anything special to read the data.

var person = await dbContext.Documents.FirstOrDefaultAsync(x => x.Firstname == "John");