DbEncryptedString

One of the new features in 3.1 is the DbEncryptedString class. This class allows you to have a property value automatically encrypted upon write to and decrypted upon read from the database.

You can use it as the property type for any mapped class by simply declaring the property as a DbEncryptedString:

public class Thing
{
    public DbEncryptedString SecureData { get; set; }
}

The DbEncryptedString class provides automatic conversion from a .NET string class so you can easily use it as follows:

var thing = new Thing { SecureData = "My Secret data..." };

Once the object is saved to the database (via ISession.Insert() or ISession.Update()) the column will contain the Base64 encoded cipher text (encrypted value). When the object is read from the database it will be decrypted and the clear text will be visible in the property.

The encrypted value will look something along the lines of MlZPjm49IKNGtOQoHAAgEa2+ycQHzXk8FIRbJ/SQ/BM=@ngWykCGsVyD/aD8ZWIhXWw==

If you choose to use DbEncryptedString, you need to manually register the type converter for it. The DbEncryptedStringTypeConverter is designed to work with any implementation of SymmetricAlgorithm and in order to do this, the creation of the SymmetricAlgorithm has been abstracted from the type converter.

The constructor for the DbEncryptedStringTypeConverter is as follows:

public class DbEncryptedStringTypeConverter
{
    public DbEncryptedStringTypeConverter(ISymmetricAlgorithmProvider algorithmProvider)
    {
    }
}

In order to instantiate the DbEncryptedStringTypeConverter, we need to provide it with an implementation of MicroLite.Infrastructure.ISymmetricAlgorithmProvider. MicroLite 3.1 ships with an implementation of this interface which reads the encryption key and algorithm type from the app.config. In order to use it, add 2 values to the appsettings section:

  <appSettings>
    <add key="MicroLite.DbEncryptedString.EncryptionKey" value="bru$3atheM-pey+=!a5ebr7d6Tru@E?4" />
    <add key="MicroLite.DbEncryptedString.SymmetricAlgorithm" value="AesManaged" />
  </appSettings>

The SymmetricAlgorithm can be any which can be created by SymmetricAlgorithm.Create.

It is then possible to instantiate the DbEncryptedStringTypeConverter with the AppSettingSymmetricAlgorithmProvider as follows and register it with MicroLite:

Then register the type converter:

using MicroLite.Infrastructure;
using MicroLite.TypeConverter;

ISymmetricAlgorithmProvider algorithmProvider = new AppSettingSymmetricAlgorithmProvider();
ITypeConverter typeConvter = new DbEncryptedStringTypeConverter(algorithmProvider);

TypeConverter.Converters.Add(typeConverter);

Custom Type Converters

One of the new features in Version 3.1 is support for custom type converters. This is actually the internals that allowed for the XDocument support in 3.0.3 being made public.

In order to create a custom type converter, the interface you need to implement is MicroLite.TypeConverters.ITypeConverter.

As you can see, the interface is quite simple only requiring 3 methods.

The CanConvert method allows the converter to tell MicroLite if it can handle conversion of the specified type. This will be called by MicroLite when it is trying to resolve the correct type converter to use to convert a value.

The ConvertFromDbValue method will be called by MicroLite when building an object from a result set, the value will be the object returned by the underlying DbDataReader and the type will be the property type (or object type if include scalar or execute scalar has been called).

The ConvertToDbValue method will be called by MicroLite when building an insert/update statement. The value will be the property value and the type will be the property type.

Once you have created an ITypeConverter, simply register it when you configure MicroLite:

using MicroLite.TypeConverter;

TypeConverter.Converters.Add(new MyCustomTypeConverter());

WebApi Extension 2.1.0 Released

In the MVC and WebApi extensions post, we discussed using the GlobalConfiguration.Configuration.Filters to register the MicroLiteSessionAttribute. In MicroLite.Extensions.WebApi 2.1.0, we do that automatically when calling .WithWebApi();.

If you don’t want that to happen, simply call the overload instead to opt out of the registration .WithWebApi(registerGlobalFilter: false);

MVC Extension 3.1.0 released

In the MVC and WebApi extensions post, we discussed using the GlobalFilters to register the MicroLiteSessionAttribute. In MicroLite.Extensions.Mvc 3.1.0, we do that automatically when calling .WithMvc();.

If you don’t want that to happen, simply call the overload instead to opt out of the registration .WithMvc(registerGlobalFilter: false);

3.1.0 Released

Version 3.1.0 has been released for MicroLite.

Changes/Enhancements

• Creating custom type converters.
• DbEncryptedString
• Extension support for SqlDialects.
• The ConventionMapping now allows specifying a default table schema.

The obsolete warnings on the following methods are now compilation errors so if you have not already, please update to the new API.

• IConfigureConnection.ForConnection(string connectionName);
• IReadOnlySession.Paged(SqlQuery sqlQuery, int page, int resultsPerPage);

Unit Testing MVC Controllers

If you use the ASP.NET MVC Extension with ASP.NET MVC 4, you may encounter problems running unit tests if you inherit from the MicroLiteController or MicroLiteReadOnlyController.

This is because the MVC Extension for MicroLite is currently built against ASP.NET MVC 3.

Since the Controller classes in ASP.NET MVC 4 are backwards compatible with MVC 3, you can fix this by adding an app.config to your unit test project with a binding redirect for ASP.NET MVC as follows:

<runtime>
  <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
    <dependentAssembly>
      <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
      <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
    </dependentAssembly>
  </assemblyBinding>
</runtime>

What’s coming after 3.0?

It’s been quite a while since 3.0.0 was released, so here’s where MicroLite is headed.

Version 3.1 is currently being worked on and at the moment the intention is to add the following:

• Enable specifying a table schema in the convention based mapping introduced in 3.0
• Enable custom type converters – there has been a fair amount of refactoring internally in 3.0 and over the course of the point releases since to get ready for exposing the type conversion API.
• Enable custom SQL dialects – just like the type converters, the intention has always been to expose the sql dialects for extension.
• Add a DbEncryptedString class which can be used to automatically decrypt/encrypt data when it is read/written to the database.

We also want to add support for Oracle, Firebird and Sybase however these may not make the 3.1 release and may have to wait until 3.2.