public void EncryptedSearchServerSide()
{
// Fast searches done at database side, usually for high frequency search patterns (e.g. search by last name etc)
// Please read more https://www.crypteron.com/blog/practical-searchable-encryption-and-security/
//
Console.WriteLine("For details, partial searches, fuzzy searches, please read:");
Console.WriteLine(" https://www.crypteron.com/blog/practical-searchable-encryption-and-security/ \n");
Console.WriteLine("Credit Card numbers are AES encrypted; we'll do a full speed server side search!");
Console.Write("Enter the full credit card to search for (including the -'s): ");
var ccSearchStr = Console.ReadLine();
using (var secDb = new SecDbContext())
{
var creditCardSearchPrefix = SecureSearch.GetPrefix(ccSearchStr);
// This query will take place on encrypted data at the database side
var usersFound = secDb.Users.Where(u => u.SecureSearch_CreditCardNumber.StartsWith(creditCardSearchPrefix));
if (usersFound == null || usersFound.Count() < 1)
{
Console.WriteLine("No results found");
}
foreach (var user in usersFound)
{
DisplayEntity(user);
}
}
}
public void Create()
{
var dbUsr = CreateOrEdit();
using (var secDb = new SecDbContext())
{
secDb.Users.Add(dbUsr);
secDb.SaveChanges();
}
}
public void Create()
{
var dbUsr = CreateOrEditUser();
using (var secDb = new SecDbContext())
{
secDb.Users.Add(dbUsr);
secDb.SaveChanges();
}
}
//
// GET: /Injection/Kategorie
public ActionResult Kategorie()
{
IEnumerable <Kategoria> model = new List <Kategoria>();
using (var db = new SecDbContext())
{
model = db.Kategorie.ToList();
}
return(View(model));
}
public void WipeAllViaSql()
{
// Deletions can be done directly without passing
// through CipherDB
const string rawSqlCmd = "DELETE FROM Users";
using (var secDb = new SecDbContext())
{
secDb.Database.ExecuteSqlCommand(rawSqlCmd);
}
Console.WriteLine("Wiped entire table via SQL command: {0}", rawSqlCmd);
}
public void CreateAuto(int numToAdd)
{
using (var secDb = new SecDbContext())
{
Console.Write("[CipherDB] Adding user records " + Environment.NewLine + "[");
for (int i = 0; i < numToAdd; i++)
{
secDb.Users.Add(CreateRandomUser());
Console.Write(".");
}
Console.WriteLine("]");
secDb.SaveChanges();
}
}
public void CreateAuto(int numToAdd)
{
using (var secDb = new SecDbContext())
{
Console.Write("[CipherDB] Adding user records " + Environment.NewLine + "[");
for (int i = 0; i < numToAdd; i++)
{
secDb.Users.Add(CreateRandomUser());
Console.Write(".");
}
Console.WriteLine("]");
secDb.SaveChanges();
}
}
public void DeleteAll()
{
using (var secDb = new SecDbContext())
{
int deleted = 0;
foreach (var deleteThis in secDb.Users)
{
secDb.Users.Remove(deleteThis);
deleted++;
}
var written = secDb.SaveChanges();
Console.WriteLine("Deleted {0} entities, write to {1} entites", deleted, written);
}
}
public void LiveMigrate()
{
using (var secDb = new SecDbContext())
{
foreach (User o in secDb.Users)
{
// If CipherDB detects any rows still using the old
// encryption keys AND if Migration Policy allows it
// track all such older rows.
}
// To minimize write pressure, CipherDB will update old
// entities to newer the latest encryption key
// ONLY when application generates a write, like below
secDb.SaveChanges();
}
}
private int ReadAll(bool printToScreen)
{
int totalEntries = 0;
using (var secDb = new SecDbContext())
{
foreach (var o in secDb.Users)
{
totalEntries++;
if (printToScreen)
{
DisplayEntity(o);
}
}
}
return(totalEntries);
}
public ActionResult KsiazkiSearchByTitle(string searchText)
{
List <Ksiazka> ksiazki;
using (var db = new SecDbContext())
{
//ksiazki = db.KsiazkiByTitle(searchText).ToList();
var param = new SqlParameter
{
ParameterName = "titleSearch",
Value = searchText
};
ksiazki = db.Database.SqlQuery <Ksiazka>("GetKsiazkiByTitle @titleSearch", param).ToList();
}
return(View("Ksiazki", ksiazki));
}
public void Delete()
{
using (var secDb = new SecDbContext())
{
var id = GetId();
var deleteThis = secDb.Users.Find(id);
if (deleteThis != null)
{
secDb.Users.Remove(deleteThis);
secDb.SaveChanges();
}
else
{
Console.WriteLine("Order ID {0} not found!", id);
}
}
}
public void Delete()
{
using (var secDb = new SecDbContext())
{
var id = GetId();
var deleteThis = secDb.Users.Find(id);
if (deleteThis != null)
{
secDb.Users.Remove(deleteThis);
secDb.SaveChanges();
}
else
{
Console.WriteLine("Order ID {0} not found!", id);
}
}
}
public void Update()
{
using (var secDb = new SecDbContext())
{
var id = GetId();
var beforeUser = secDb.Users.Find(id);
if (beforeUser != null)
{
var afterUser = CreateOrEditUser(beforeUser);
secDb.Entry(beforeUser).CurrentValues.SetValues(afterUser);
secDb.SaveChanges();
}
else
{
Console.WriteLine("Order ID {0} not found!", id);
}
}
}
public ActionResult Search(string searchText)
{
List <Ksiazka> ksiazki;
using (var db = new SecDbContext())
{
//ksiazki = db.KsiazkiByTitle(searchText).ToList();
var param = new SqlParameter
{
ParameterName = "titleSearch",
Value = searchText
};
ksiazki = db.Database.SqlQuery <Ksiazka>("GetKsiazkiByTitle @titleSearch", param).ToList();
}
ViewData["SearchText"] = searchText;
// wykorzystanie Encodera
//ViewData["SearchText"] = AntiXssEncoder.HtmlEncode(searchText, true);
return(View("Search", ksiazki));
}
public void StoredProcedure()
{
#if ConsoleDbFirst
Console.WriteLine("Enter first few characters of customer name to search:");
var custName = Console.ReadLine();
using (var secDbCtx = new SecDbContext())
{
// 1. The SQL Stored Proc needs to be imported into EntityFramework
// 2. The resulting object from the SP needs to be mapped to an
// EntityFramework entity
var results = secDbCtx.usp_SearchUserByName(custName);
foreach (var r in results)
{
DisplayEntity(r);
}
}
#else
throw new NotImplementedException("SPs work fine with CipherDB but currently demonstrated only in the EntityFramework Database First sample");
#endif
}
public void DeleteAll()
{
using (var secDb = new SecDbContext())
{
int deleted = 0;
foreach (var deleteThis in secDb.Users)
{
secDb.Users.Remove(deleteThis);
deleted++;
}
var written = secDb.SaveChanges();
Console.WriteLine("Deleted {0} entities, write to {1} entites", deleted, written);
}
}
private int ReadAll(bool printToScreen)
{
int totalEntries = 0;
using (var secDb = new SecDbContext())
{
foreach (var o in secDb.Users)
{
totalEntries++;
if (printToScreen)
DisplayEntity(o);
}
}
return totalEntries;
}
public void WipeAllViaSql()
{
// Deletions can be done directly without passing
// through CipherDB
const string rawSqlCmd = "DELETE FROM Users";
using (var secDb = new SecDbContext())
{
secDb.Database.ExecuteSqlCommand(rawSqlCmd);
}
Console.WriteLine("Wiped entire table via SQL command: {0}", rawSqlCmd);
}
public void Update()
{
using (var secDb = new SecDbContext())
{
var id = GetId();
var beforeUser = secDb.Users.Find(id);
if (beforeUser != null)
{
var afterUser = CreateOrEdit(beforeUser);
secDb.Entry(beforeUser).CurrentValues.SetValues(afterUser);
secDb.SaveChanges();
}
else
{
Console.WriteLine("Order ID {0} not found!", id);
}
}
}
public void StoredProcedure()
{
#if ConsoleDbFirst
Console.WriteLine("Enter first few characters of customer name to search:");
var custName = Console.ReadLine();
using (var secDbCtx = new SecDbContext())
{
// 1. The SQL Stored Proc needs to be imported into EntityFramework
// 2. The resulting object from the SP needs to be mapped to an
// EntityFramework entity
var results = secDbCtx.usp_SearchUserByName(custName);
foreach (var r in results)
DisplayEntity(r);
}
#else
throw new NotImplementedException("SPs work fine with CipherDB but currently demonstrated only in the EntityFramework Database First sample");
#endif
}
public void LiveMigrate()
{
using (var secDb = new SecDbContext())
{
foreach (User o in secDb.Users)
{
// If CipherDB detects any rows still using the old
// encryption keys AND if Migration Policy allows it
// track all such older rows.
}
// To minimize write pressure, CipherDB will update old
// entities to newer the latest encryption key
// ONLY when application generates a write, like below
secDb.SaveChanges();
}
}
public void EncryptedSearch()
{
// Since only the Application/CipherDB Agent can access the decrypted data,
// the search must be performed withing CipherDB agent itself. For performance
// reasons it's best to prefilter the search so the search query runs on a sub-set of
// potential dataset rather than the entire database table.
Console.WriteLine("Please see https://www.crypteron.com/blog/practical-searchable-encryption-and-security/ for more details");
Console.WriteLine(new string('-',40));
var startOrderId = 3;
var endOrderId = 9;
Console.WriteLine($"Prefiltering between orderID {startOrderId} and {endOrderId}");
Console.Write("Enter the credit card search string:");
var ccSearchStr = Console.ReadLine();
using (var secDb = new SecDbContext())
{
// Prefilter off non-secure attributes (eg. City or Date etc), for demo we just use OrderId for prefilter
var prefiltered = secDb.Users.Where(user => user.OrderId > startOrderId && user.OrderId < endOrderId).ToList();
// Perform encrypted search with CipherDB Agent
var hits = prefiltered.Where(user => user.Secure_CreditCardNumber.Contains(ccSearchStr));
foreach (var o in hits)
{
DisplayEntity(o);
}
}
}
