search

Eastrall / EntityFrameworkCore.DataEncryption

A plugin for Microsoft.EntityFrameworkCore to add support of encrypted fields using built-in or custom encryption providers.
MIT License
326 stars 54 forks source link

Decryption failing after upgrade to 2.0.0 #24

Closed geedsen closed 3 years ago

geedsen commented 3 years ago

Upgrading from 1.0.1 to 2.0.0 fails the decryption. I had this constructor image So it tells me in 2.0.0,the constructor is obsolete and I should remove the "EncryptInitializationVector(decryptKey)". So I do that and nothing else changed. But decrypting:

Old version: Encrypted: "jpeRAjYgugrxClau2X+IB9p60+tEpTVoaQ4LJs9VN3zLe0ndUcPFyWrynPM/8IiH" Decrypted "f55cbf77bd2845808cce049a3720ceef"

New Version: Encrypted: "jpeRAjYgugrxClau2X+IB9p60+tEpTVoaQ4LJs9VN3zLe0ndUcPFyWrynPM/8IiH" Decrypted "8cce049a3720ceef"

And that new decrypted part is exactly the last halve of what it should be!!!!

So I changed it back to the obsolete constructor, thinking and hoping that decryption would work again. But no, still I only get halve the correct value.

Am I missing something?

Eastrall commented 3 years ago

Version 2.0.0 introduces dynamic IV per entries. There is a data migration process to migrate data in PR #15.

But I am going to reintroduce the fixed IV feature, because it causes a lot of issues when using EF LINQ extensions like FirstOrDefault or Where methods, because it generates new IV each time.

You'll be notified when the fixed will be out.

Eastrall commented 3 years ago

PR #25 also fixes this issue and provides much more features than #15.

Eastrall commented 3 years ago

Version 3.0.0 is now available on Nuget and should fix this issue if you use the "fixed IV" option: https://www.nuget.org/packages/EntityFrameworkCore.DataEncryption