Closed DerStimmler closed 1 year ago
At the begining when I reworked the AesProvider
(and wrote the release note) I was planning on keeping the dynamic IV support. But realised that it was something really specific and shouldn't be part of the library (just like the migration support) simply because it formats the output by adding 16 bytes at the begining of the array. This approach works well, but let's say you'd want these 16 bytes at the end of your array, or maybe in the middle of your encrypted data. It will not suit everyone's need.
So, I decided to remove the support and forgot to update the release note. I apologize for that.
If you want to use a dynamic IV on your AES encryption, you will have to create your own encryption provider and implement it on your own. You can take inspiration of the V3.X encryption provider that still supports dynamic IV.
I'll correct the release note right away. Thanks for reporting it! 😄
Thanks for the clarification.
You're welcome. I'm closing this issue. If you have any other question, please open a new issue.
In case someone else wants to keep using dynamic IV:
Here is an implementation of a custom IEncryptionProvider
for v4.0.0 based on the AesProvider
of v3.x.
https://gist.github.com/DerStimmler/ee6ae4b10c9d2e58dc5c63e087e1fb62
Great, thanks to all of you!
@DerStimmler thanks a lot! Just migrated to .NET 7 and needed to move to a newer version of this package (from 2.0.0 to 4.0.1) so this saved me since I had existing data in a database to work with.
Since version 4.0.0 you have to provide an initialization vector to the constructor of
AesProvider
. According to the release notes, you can providenull
for the initialization vector to use dynamic IV.The problem is that the constructor throws an
ArgumentNullException
if the IV isnull
.https://github.com/Eastrall/EntityFrameworkCore.DataEncryption/blob/0beb7361a1c6c989bf17ccac2df98b1988f254c8/src/EntityFrameworkCore.DataEncryption/Providers/AesProvider.cs#L37
Is there a way to still use dynamic IV, or do I have to switch to a fixed one?