C
C#2y ago
OkOk

❔ Enabling "Always Encrypted" created a clash of datatypes

My normal working code 
_dbContext.MyClass.Add(MyObject);
_dbContext.MyClass.Add(MyObject);
crashes when enabling encryption and saving. Operand type clash: nvarchar is incompatible with nvarchar(4000) encrypted.. I tried changing forcing the nvarchar to 4000 and I enabled everything I saw in the docs.
17 Replies
JakenVeina
JakenVeina2y ago
what docs? what is _dbContext? what is nvarchar?
OkOk
OkOkOP2y ago
The docs for Always Encrypted _dbContext is your run-of-the-mill pattern inheriting from dbContext nvarchar is a standard datatype in Sql-server
OkOk
OkOkOP2y ago
https://learn.microsoft.com/en-us/sql/relational-databases/security/encryption/always-encrypted-tutorial-getting-started?tabs=ssms&view=sql-server-ver16&viewFallbackFrom=azuresql
Tutorial: Getting started with Always Encrypted - SQL Server
This tutorial teaches you how to encrypt columns using Always Encrypted and how to query encrypted columns in SQL Server, Azure SQL Database, and Azure SQL Managed Instance.
JakenVeina
JakenVeina2y ago
that doesn't appear to reference EF Core at all how are you configuring this for EF Core?
OkOk
OkOkOP2y ago
It does not, I don't seem to be able to find much about using Always Encrypted with EF.
JakenVeina
JakenVeina2y ago
might not be supported reading the error, and similar errors online, it seems to me that EF is sending unencrpyted strings to the database
OkOk
OkOkOP2y ago
But EF is just converted to normal SQL before reaching the DB?
JakenVeina
JakenVeina2y ago
which the database treats as values that are incompatible with an encrypted column which makes sense, the entire point of Always Encrypted is that the database never sees the unencrypted values EF would have to be instructed about which columns need to be encrpyted before being sent yes, and that's the part it can't do correctly
OkOk
OkOkOP2y ago
I was wondering if the DB would intelligently look at the data and see it is unencrypted and reject it, or if it wouldn't matter as long as the data is not over 4000 nvarchars
JakenVeina
JakenVeina2y ago
nope EF doesn't work that way EF's concept of what the database is is 100% based on the EF modeling code you either write or have generated if you don't tell it which columns are encrypted, it can't know
OkOk
OkOkOP2y ago
Just looking at the database column, it claims that the datatype is just as before the encryption, a un-nullable nvarchar(max)
JakenVeina
JakenVeina2y ago
but it's encrypted
OkOk
OkOkOP2y ago
Is that a different datatype?
JakenVeina
JakenVeina2y ago
which, from what I can tell, makes it NOT the same data type
OkOk
OkOkOP2y ago
Okey because that is what I was wondering
JakenVeina
JakenVeina2y ago
that's my understanding from looking at the docs and such for about 5 minutes, anyway
Accord
Accord2y ago
Was this issue resolved? If so, run /close - otherwise I will mark this as stale and this post will be archived until there is new activity.
Want results from more Discord servers?
Add your server