Using multiple encryption keys in .NET Core

Hi.

I’m using Couchbase with field level encryption and it works fine when using a default encryption key, but now I need to support different encryption keys for different fields.

I used to have my cluster configured with a default encryptor, and that is why it was working fine:

var cryptoManager = DefaultCryptoManager.Builder()
    .Decryptor(provider.Decryptor())
    .DefaultEncryptor(provider.Encryptor("my-key")) // Default encryptor was being defined
    .Build();

But now I’m adding many keys to the provider and then adding them to the cryptoManager:

var keys = GetEncryptionKeys();
var provider = new AeadAes256CbcHmacSha512Provider(new AeadAes256CbcHmacSha512Cipher(), new Keyring(keys));

var cryptoManagerBuilder = DefaultCryptoManager.Builder();
cryptoManagerBuilder.Decryptor(provider.Decryptor());
foreach (var k in keys)
{
    // Adds the encryption keys one by one
    // So I end up with a list of keys: "my-key1", "my-key2", "my-key3"
    cryptoManagerBuilder.Encryptor(k.Id, provider.Encryptor(k.Id)); 
}
var cryptoManager = cryptoManagerBuilder.Build();

That code works fine, but when I try to write or read files, I get this error:

Missing encryptor for alias ‘’

I am correctly defining my encryption key on the model field.

I would expect Couchbase to identify that I want to use “my-key” from the list of encryption keys that I provided, but I get that error instead.

It starts “working” once I add a default encryptor, but it always uses the default, ignoring what was specified in the EncryptedField.KeyName value.
I don’t want to use a default encryptor, to prevent incorrectly encrypting with a default and not with what I really need.

Question

Is there a way to avoid specifying a default encryptor and just use what is defined on each model property?

I’m not a user of the field-level encryption library. But, at a quick glance, I think it may have been an oversight in this class: dotnet-couchbase-encryption/src/Couchbase.Encryption/Attributes/EncryptedFieldConverter.cs at 134dad031f0ece09634620f212fc8c00c47cd367 · couchbase/dotnet-couchbase-encryption · GitHub

I don’t see where the key name is ever passed in for encryption or decryption, except in the legacy fallback case.

@jmorris may know more, he appears to have been the library author.


Yeah, I also noticed that on the GitHub repo, the key name is never used.

After my tests, I can confirm that in .NET, decryption only works if a default encryptor is provided; if not, the error I mentioned is thrown.

This is probably a bug, since there is no point in allowing users to specify the KeyName for each field if it will never be used.
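An added diagnostic, not code from the thread or from the Couchbase library, that builds the manager exactly as the question does (one named encryptor per key, no default) and then encrypts directly through the manager under each alias. It assumes a Couchbase.Encryption Key class with an Id, ICryptoManager.Encrypt(byte[] plaintext, string encryptorAlias) returning an EncryptionResult with a Kid property, and Decrypt(EncryptionResult) returning byte[]; those members are assumptions here. If every alias passes this check while the [EncryptedField(KeyName = ...)] path still reports "Missing encryptor for alias ''", the keyring and manager are fine and the fault is isolated to the converter.

```csharp
// Added diagnostic; Key, Encrypt(byte[], string), EncryptionResult.Kid and
// Decrypt(EncryptionResult) are assumed members of Couchbase.Encryption.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Couchbase.Encryption;

static class AliasRoundTripCheck
{
    // Same construction as the question: named encryptors only, no DefaultEncryptor.
    static ICryptoManager BuildManager(IReadOnlyList<Key> keys)
    {
        var provider = new AeadAes256CbcHmacSha512Provider(
            new AeadAes256CbcHmacSha512Cipher(), new Keyring(keys));
        var builder = DefaultCryptoManager.Builder().Decryptor(provider.Decryptor());
        foreach (var k in keys)
            builder.Encryptor(k.Id, provider.Encryptor(k.Id));
        return builder.Build();
    }

    // Encrypts a probe under every alias; yields one reason string per alias that
    // the manager cannot resolve, tags with the wrong key id, or fails to round-trip.
    static IEnumerable<string> Failures(ICryptoManager manager, IEnumerable<string> aliases)
    {
        var probe = Encoding.UTF8.GetBytes("probe");
        foreach (var alias in aliases)
        {
            string reason = null;
            try
            {
                var result = manager.Encrypt(probe, alias);
                if (result.Kid != alias) reason = $"{alias}: Kid was '{result.Kid}'";
                else if (!manager.Decrypt(result).SequenceEqual(probe)) reason = $"{alias}: round trip mismatch";
            }
            catch (Exception e) { reason = $"{alias}: {e.Message}"; }
            if (reason != null) yield return reason;
        }
    }

    static void Main()
    {
        // Constructed keys: 64 random bytes each (32 for AES-256, 32 for HMAC-SHA512).
        var keys = new[] { "my-key1", "my-key2", "my-key3" }
            .Select(id => new Key(id, RandomNumberGenerator.GetBytes(64))).ToList();
        var failures = Failures(BuildManager(keys), keys.Select(k => k.Id)).ToList();
        Console.WriteLine(failures.Count == 0 ? "all aliases resolve" : string.Join("\n", failures));
    }
}
```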

Hi @DiLeArMo -

Thanks for posting this. Can you create an issue in GitHub? Additionally, if you have a subscription, let the support team know about it; otherwise we will pick it up in a later sprint.

Alternatively, you can push a PR and we will get it reviewed and merged.

Thanks,
Jeff

Hello. I created an issue on GitHub.

We probably do have a subscription; we will probably create a ticket next week to ask about this and other issues we are having related to field-level encryption.
Thank you!