AltairCA / EntityFrameworkCore.PostgreSQL.ColumnEncryption

Npgsql extension that supports PostgreSQL's native raw encryption functions (encrypt_iv/decrypt_iv with aes-cbc/pad:pkcs)

Does this actually use pgcrypto? #9

Closed. Torkolis closed this 8 months ago.

Torkolis commented 8 months ago

Hi, I don't understand how, and even if, this actually uses pgcrypto. From what I can see in the source code the conversion happens here:

```csharp
// The two ValueConverter lambdas as quoted from EncryptionValueConverter.cs
rawString => rawString.NpgsqlEncrypt(password, iv, keyLength),
encryptedString => encryptedString.NpgsqlDecrypt(password, iv, keyLength))
```

in this file https://github.com/AltairCA/EntityFrameworkCore.PostgreSQL.ColumnEncryption/blob/master/AltairCA.EntityFrameworkCore.PostgreSQL.ColumnEncryption/Functions/EncryptionValueConverter.cs

while the functions `NpgsqlEncrypt` and `NpgsqlDecrypt` just seem to use `System.Security.Cryptography` functions, as seen here:

```csharp
// Extension methods as quoted from AttributeEncryptExtension.cs; both delegate
// to the static AesUtil helpers, so the work happens in the .NET process.
internal static string NpgsqlEncrypt(this string value, string password, string iv, int keyLength)
{
    if (string.IsNullOrEmpty(value))
        return null;
    return AesUtil.AES_encrypt(value, password, iv, keyLength);
}

internal static string NpgsqlDecrypt(this string value, string password, string iv, int keyLength)
{
    if (string.IsNullOrEmpty(value))
        return null;
    return AesUtil.AES_decrypt(value, password, iv, keyLength);
}
```

https://github.com/AltairCA/EntityFrameworkCore.PostgreSQL.ColumnEncryption/blob/master/AltairCA.EntityFrameworkCore.PostgreSQL.ColumnEncryption/Attribute/AttributeEncryptExtension.cs

leading to the `AesUtil` functions here:

https://github.com/AltairCA/EntityFrameworkCore.PostgreSQL.ColumnEncryption/blob/master/AltairCA.EntityFrameworkCore.PostgreSQL.ColumnEncryption/Utils/AESUtil.cs

AltairCA commented 8 months ago

Hello,

Those functions are static methods that match the functionality in pgcrypto, and they are used in the Value Converters as you mentioned above. But if you use EF Functions in GroupBy, Select, etc., the encryption or decryption will happen at the DB level using this Translator.

Torkolis commented 8 months ago

OK, thank you for the explanation. I thought it would do something like what is described here: https://www.digitalocean.com/community/tutorials/how-to-encrypt-a-database-at-rest-in-postgresql-on-ubuntu#method-3-encrypting-parts-of-database

```sql
create table test_login (name VARCHAR(50), password TEXT);
insert into test_login (name, password) values ('Jonathon', pgp_sym_encrypt('123ab', 'd3a')::TEXT);
select name, pgp_sym_decrypt(password::bytea, 'd3a') from test_login;
```

and would not do any encryption/decryption locally.