Encrypt password field with Entity Framework Model First

ef-model-first entity-framework sql-server visual-studio-2010


I'm using Entity Framework Model First in my project with VS2010.

I'm wondering if there is a way to set the field password to be encrypted in .edmx window or Properties windows maybe. I don't want to change the generated .cs file since it will be covered each time I modify the model.

7/30/2012 7:34:59 AM

Accepted Answer

EF doesn't have any built in support for encryption and it also doesn't have support for database encryption mechanism (unless you are using transparent encryption in SQL Server which will encrypt whole database).

As a workaround you can do centralized encryption and decryption in your application. Here is high level idea:

  • Use a string property for your encrypted data - this property will be represented as nvarchar column in target database
  • Override SaveChanges method in your ObjectContext or DbContext inherited partial class (or handle SavingChanges event for ObjectContext inherited class). In this method / handler search for all instances of your entity which are in Added or Modified state (use ObjectStateManager or DbChangeTracker), take the value from the property which should be encrypted, encrypt it and store encrypted value back to the property in Base64 format. In case of SaveChanges override call base.SaveChanges after you encrypted property for all instances.
  • Handle ObjectMaterialized even on ObjectContext inherited class (in DbContext you will have to use IObjectContextAdapter to get ObjectContext instance from your DbContext instance), take the encrypted value from the property, convert it from Base64 format to byte array, decrypt it and store it back to the property. This may lead to some other complications because changing the property value may result in modified state but you should be able to fix it as well.
7/30/2012 8:15:26 AM

Popular Answer

A simpler option would be to create a partial class which adds a new property which handles encryption and decryption. You would then refer to this new property in your code instead of the Password property in the table object.

Partial Public Class ObjectName
  Public Property PasswordValue As String
      Return Password.Decrypt()
    End Get
    Set(value As String)
      Password = value.Encrypt()
    End Set
  End Property
End Class

In this case I created extension methods on the string object to do that. I used the code in the following link to do the encryption and decryption:

Encrypt and decrypt a string

Related Questions


Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow
Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow