EventGet 50% off your ticket to MongoDB.local NYC on May 2. Use code Web50!Learn more >>
MongoDB Developer
C#
plus
Sign in to follow topics
MongoDB Developer Centerchevron-right
Developer Topicschevron-right
Languageschevron-right
C#chevron-right

How to Use MongoDB Client-Side Field Level Encryption (CSFLE) with C#

Adrienne Tacke18 min read • Published Feb 18, 2022 • Updated Sep 23, 2022
MongoDBSecurityC#
Facebook Icontwitter iconlinkedin icon
Rate this code example
star-empty
star-empty
star-empty
star-empty
star-empty
Client-side field level encryption (CSFLE) provides an additional layer of security to your most sensitive data. Using a supported MongoDB driver, CSFLE encrypts certain fields that you specify, ensuring they are never transmitted unencrypted, nor seen unencrypted by the MongoDB server.
This may be the only time I use a Transformers GIF. Encryption GIFs are hard to find!
This may be the only time I use a Transformers GIF. Encryption GIFs are hard to find!
This also means that it's nearly impossible to obtain sensitive information from the database server. Without access to a specific key, data cannot be decrypted and exposed, rendering the intercepting data from the client fruitless. Reading data directly from disk, even with DBA or root credentials, will also be impossible as the data is stored in an encrypted state.
Key applications that showcase the power of client-side field level encryption are those in the medical field. If you quickly think back to the last time you visited a clinic, you already have an effective use case for an application that requires a mix of encrypted and non-encrypted fields. When you check into a clinic, the person may need to search for you by name or insurance provider. These are common data fields that are usually left non-encrypted. Then, there are more obvious pieces of information that require encryption: things like a Social Security number, medical records, or your insurance policy number. For these data fields, encryption is necessary.
This tutorial will walk you through setting up a similar medical system that uses automatic client-side field level encryption in the MongoDB .NET Driver (for explicit, meaning manual, client-side field level encryption, check out these docs).
In it, you'll:
Prepare a .NET Core console application
Generate secure, random keys needed for CSFLE
Configure CSFLE on the MongoClient
See CSFLE in action
💡️ This can be an intimidating tutorial, so don't hesitate to take as many breaks as you need; in fact, complete the steps over a few days! I've tried my best to ensure each step completed acts as a natural save point for the duration of the entire tutorial. :)
Let's do this step by step!

Prerequisites

💻 The code for this tutorial is available in this repo.

Create a .NET Core Console Application

Let's start by scaffolding our console application. Open Visual Studio (I'm using Visual Studio 2019 Community Edition) and create a new project. When selecting a template, choose the "Console App (.NET Core)" option and follow the prompts to name your project.
Visual Studio 2019 create a new project prompt; Console App (.NET Core) option is highlighted.
Visual Studio 2019 create a new project prompt; Console App (.NET Core) option is highlighted.

Install CSFLE Dependencies

Once the project template loads, we'll need to install one of our dependencies. In your Package Manager Console, use the following command to install the MongoDB Driver:
💡️ If your Package Manager Console is not visible in your IDE, you can get to it via View > Other Windows > Package Manager Console in the File Menu.
The next dependency you'll need to install is mongocryptd, which is an application that is provided as part of MongoDB Enterprise and is needed for automatic field level encryption. Follow the instructions to install mongocryptd on your machine. In a production environment, it's recommended to run mongocryptd as a service at startup on your VM or container.
Now that our base project and dependencies are set, we can move onto creating and configuring our different encryption keys.
MongoDB client-side field level encryption uses an encryption strategy called envelope encryption. This strategy uses two different kinds of keys.
The first key is called a data encryption key, which is used to encrypt/decrypt the data you'll be storing in MongoDB. The other key is called a master key and is used to encrypt the data encryption key. This is the top-level plaintext key that will always be required and is the key we are going to generate in the next step.
🚨️ Before we proceed, it's important to note that this tutorial will demonstrate the generation of a master key file stored as plaintext in the root of our application. This is okay for development and educational purposes, such as this tutorial. However, this should NOT be done in a production environment!
Why? In this scenario, anyone that obtains a copy of the disk or a VM snapshot of the app server hosting our application would also have access to this key file, making it possible to access the application's data.
Instead, you should configure a master key in a Key Management System such as Azure Key Vault or AWS KMS for production.
Keep this in mind and watch for another post that shows how to implement CSFLE with Azure Key Vault!

Create a Local Master Key

In this step, we generate a 96-byte, locally-managed master key. Then, we save it to a local file called master-key.txt. We'll be doing a few more things with keys, so create a separate class called KmsKeyHelper.cs. Then, add the following code to it:
So, what's happening here? Let's break it down, line by line:
First, we declare and set a private variable called __localMasterKeyPath. This holds the path to where we save our master key.
Next, we create a GenerateLocalMasterKey() method. In this method, we use .NET's Cryptography services to create an instance of a RandomNumberGenerator. Using this RandomNumberGenerator, we generate a cryptographically strong, 96-byte key. After converting it to a Base64 representation, we save the key to the master-key.txt file.
Great! We now have a way to generate a local master key. Let's modify the main program to use it. In the Program.cs file, add the following code:
In the Main method, we create an instance of our KmsKeyHelper, then call our GenerateLocalMasterKey() method. Pretty straightforward!
Save all files, then run your program. If all is successful, you'll see a console pop up and the Base64 representation of your newly generated master key printed in the console. You'll also see a new master-key.txt file appear in your solution explorer.
Now that we have a master key, we can move onto creating a data encryption key.

Create a Data Encryption Key

The next key we need to generate is a data encryption key. This is the key the MongoDB driver stores in a key vault collection, and it's used for automatic encryption and decryption.
Automatic encryption requires MongoDB Enterprise 4.2 or a MongoDB 4.2 Atlas cluster. However, automatic decryption is supported for all users. See how to configure automatic decryption without automatic encryption.
Let's add a few more lines of code to the Program.cs file:
So, what's changed? First, we added an additional import (MongoDB.Driver). Next, we declared a connectionString and a keyVaultNamespace variable.
For the key vault namespace, MongoDB will automatically create the database encryption and collection __keyVault if it does not currently exist. Both the database and collection names were purely my preference. You can choose to name them something else if you'd like!
Next, we modified the KmsKeyHelper instantiation to accept two parameters: the connection string and key vault namespace we previously declared. Don't worry, we'll be changing our KmsKeyHelper.cs file to match this soon.
Finally, we declare a kmsKeyIdBase64 variable and set it to a new method we'll create soon: CreateKeyWithLocalKmsProvider();. This will hold our data encryption key.

Securely Setting the MongoDB connection

In our code, we set our MongoDB URI by pulling from environment variables. This is far safer than pasting a connection string directly into our code and is scalable in a variety of automated deployment scenarios.
For our purposes, we'll create a launchSettings.json file.
💡️ Don't commit the launchSettings.json file to a public repo! In fact, add it to your .gitignore file now, if you have one or plan to share this application. Otherwise, you'll expose your MongoDB URI to the world!
Right-click on your project and select "Properties" in the context menu.
The project properties will open to the "Debug" section. In the "Environment variables:" area, add a variable called MDB_URI, followed by the connection URI:
Adding an environment variable to the project settings in Visual Studio 2019.
Adding an environment variable to the project settings in Visual Studio 2019.
What value do you set to your MDB_URI environment variable?
  • MongoDB Atlas: If using a MongoDB Atlas cluster, paste in your Atlas URI.
  • Local: If running a local MongoDB instance and haven't changed any default settings, you can use the default connection string: mongodb://localhost:27017.
Once your MDB_URI is added, save the project properties. You'll see that a launchSettings.json file will be automatically generated for you! Now, any Environment.GetEnvironmentVariable() calls will pull from this file.
With these changes, we now have to modify and add a few more methods to the KmsKeyHelper class. Let's do that now.
First, add these additional imports:
Next, declare two private variables and create a constructor that accepts both a connection string and key vault namespace. We'll need this information to create our data encryption key; this also makes it easier to extend and integrate with a remote KMS later on.
After the GenerateLocalMasterKey() method, add the following new methods. Don't worry, we'll go over each one:
This method is the one we call from the main program. It's here that we generate our data encryption key. Lines 6-7 read the local master key from our master-key.txt file and convert it to a byte array.
Lines 11-16 set the KMS provider settings the client needs in order to discover the master key. As you can see, we add the local provider and the matching local master key we've just retrieved.
With these KMS provider settings, we construct additional client encryption settings. We do this in a separate method called GetClientEncryption(). Once created, we finally generate an encrypted key.
As an extra measure, we call a third new method ValidateKey(), just to make sure the data encryption key was created. After these steps, and if successful, the CreateKeyWithLocalKmsProvider() method returns our data key id encoded in Base64 format.
After the CreateKeyWithLocalKmsProvider() method, add the following method:
Within the CreateKeyWithLocalKmsProvider() method, we call GetClientEncryption() (the method we just added) to construct our client encryption settings. These include which key vault client, key vault namespace, and KMS providers to use.
In this method, we construct a MongoClient using the connection string, then set it as a key vault client. We also use the key vault namespace that was passed in and the local KMS providers we previously constructed. These client encryption options are then returned.
Last but not least, after GetClientEncryption(), add the final method:
Though optional, this method conveniently checks that the data encryption key was created correctly. It does this by constructing a MongoClient using the specified connection string, then queries the database for the data encryption key. If it was successfully created, the data encryption key would have been inserted as a document into your replica set and will be retrieved in the query.
With these changes, we're ready to generate our data encryption key. Make sure to save all files, then run your program. If all goes well, your console will print out two DataKeyIds (UUID and base64) as well as a document that resembles the following:
For reference, here's what my console output looks like:
Console output showing two data key ids and a data object; these are successful signs of a properly generated data encryption key.
Console output showing two data key ids and a data object; these are successful signs of a properly generated data encryption key.
If you want to be extra sure, you can also check your cluster to see that your data encryption key is stored as a document in the newly created encryption database and __keyVault collection. Since I'm connecting with my Atlas cluster, here's what it looks like there:
Saved data encryption key in MongoDB Atlas
Saved data encryption key in MongoDB Atlas
Sweet! Now that we have generated a data encryption key, which has been encrypted itself with our local master key, the next step is to specify which fields in our application should be encrypted.

Specify Encrypted Fields Using a JSON Schema

In order for automatic client-side encryption and decryption to work, a JSON schema needs to be defined that specifies which fields to encrypt, which encryption algorithms to use, and the BSON Type of each field.
Using our medical application as an example, let's plan on encrypting the following fields:
Fields to encrypt
Field nameEncryption algorithmsBSON Type
SSN (Social Security Number)DeterministicInt
Blood TypeRandomString
Medical RecordsRandomArray
Insurance: Policy NumberDeterministicInt (embedded inside insurance object)
To make this a bit easier, and to separate this functionality from the rest of the application, create another class named JsonSchemaCreator.cs. In it, add the following code:
As before, let's step through each line:
First, we create two static variables to hold our encryption types. We use Deterministic encryption for fields that are queryable and have high cardinality. We use Random encryption for fields we don't plan to query, have low cardinality, or are array fields.
Next, we create a CreateEncryptMetadata() helper method. This will return a BsonDocument that contains our converted data key. We'll use this key in the CreateJsonSchema() method.
Lines 19-32 make up another helper method called CreateEncryptedField(). This generates the proper BsonDocument needed to define our encrypted fields. It will output a BsonDocument that resembles the following:
Finally, the CreateJsonSchema() method. Here, we generate the full schema our application will use to know which fields to encrypt and decrypt. This method also returns a BsonDocument.
A few things to note about this schema:
Placing the encryptMetadata key at the root of our schema allows us to encrypt all fields with a single data key. It's here you see the call to our CreateEncryptMetadata() helper method.
Within the properties key go all the fields we wish to encrypt. So, for our ssn, bloodType, medicalRecords, and insurance.policyNumber fields, we generate the respective BsonDocument specifications they need using our CreateEncryptedField() helper method.
With our encrypted fields defined and the necessary encryption keys generated, we can now move onto enabling client-side field level encryption in our MongoDB client!
☕️ Don't forget to take a break! This is a lot of information to take in, so don't rush. Be sure to save all your files, then grab a coffee, stretch, and step away from the computer. This tutorial will be here waiting when you're ready. :)

Create the CSFLE-Enabled MongoDB Client

A CSFLE-enabled MongoClient is not that much different from a standard client. To create an auto-encrypting client, we instantiate it with some additional auto-encryption options.
As before, let's create a separate class to hold this functionality. Create a file called AutoEncryptHelper.cs and add the following code (note that since this is a bit longer than the other code snippets, I've opted to add inline comments to explain what's happening rather than waiting until after the code block):
Alright, we're almost done. Don't forget to save what you have so far! In our next (and final) step, we can finally try out client-side field level encryption with some queries!
🌟 Know what show this patient is from? Let me know your nerd cred (and let's be friends, fellow fan!) in a tweet!

Perform Encrypted Read/Write Operations

Remember the sample data we've prepared? Let's put that to good use! To test out an encrypted write and read of this data, let's add another method to the AutoEncryptHelper class. Right after the constructor, add the following method:
What's happening here? First, we use the JsonSchemaCreator class to construct our schema. Then, we create an auto-encrypting client using the CreateAutoEncryptingClient() method. Next, lines 14-16 set the working database and collection we'll be interacting with. Finally, we upsert a medical record using our sample data, then retrieve it with the auto-encrypting client.
Prior to inserting this new patient record, the CSFLE-enabled client automatically encrypts the appropriate fields as established in our JSON schema.
If you like diagrams, here's what's happening:
Flow of an encrypted write with field-level encrypteddata
Flow of an encrypted write with field-level encrypted data
When retrieving the patient's data, it is decrypted by the client. The nicest part about enabling CSFLE in your application is that the queries don't change, meaning the driver methods you're already familiar with can still be used.
For the diagram people:
Flow of an encrypted read, decrypting field-leveldata
Flow of an encrypted read, decrypting field-level data
To see this in action, we just have to modify the main program slightly so that we can call the EncryptedWriteAndReadAsync() method.
Back in the Program.cs file, add the following code:
Alright, this is it! Save your files and then run your program. After a short wait, you should see the following console output:
Console output of an encrypted write and read
Console output of an encrypted write and read
It works! The console output you see has been decrypted correctly by our CSFLE-enabled MongoClient. We can also verify that this patient record has been properly saved to our database. Logging into my Atlas cluster, I see Takeshi's patient record stored securely, with the specified fields encrypted:
Encrypted patient record stored in MongoDB Atlas
Encrypted patient record stored in MongoDB Atlas

Bonus: What's the Difference with a Non-Encrypted Client?

To see how these queries perform when using a non-encrypting client, let's add one more method to the AutoEncryptHelper class. Right after the EncryptedWriteAndReadAsync() method, add the following:
Here, we instantiate a standard MongoClient with no auto-encryption settings. Notice that we query by the non-encrypted name field; this is because we can't query on encrypted fields using a MongoClient without CSFLE enabled.
Finally, add a call to this new method in the Program.cs file:
Save all your files, then run your program again. You'll see your last query returns an encrypted patient record, as expected. Since we are using a non CSFLE-enabled MongoClient, no decryption happens, leaving only the non-encrypted fields legible to us:
Query output using a non CSFLE-enabled MongoClient. Since no decryption happens, the data is properly returned in an encrypted state.
Query output using a non CSFLE-enabled MongoClient. Since no decryption happens, the data is properly returned in an encrypted state.

Let's Recap

Cheers! You've made it this far!
Really, pat yourself on the back. This was a serious tutorial!
Really, pat yourself on the back. This was a serious tutorial!
This tutorial walked you through:
  • Creating a .NET Core console application.
  • Installing dependencies needed to enable client-side field level encryption for your .NET core app.
  • Creating a local master key.
  • Creating a data encryption key.
  • Constructing a JSON Schema to establish which fields to encrypt.
  • Configuring a CSFLE-enabled MongoClient.
  • Performing an encrypted read and write of a sample patient record.
  • Performing a read using a non-CSFLE-enabled MongoClient to see the difference in the retrieved data.
With this knowledge of client-side field level encryption, you should be able to better secure applications and understand how it works!
I hope this tutorial made client-side field level encryption simpler to integrate into your .NET application! If you have any further questions or are stuck on something, head over to the MongoDB Community Forums and start a topic. A whole community of MongoDB engineers (including the DevRel team) and fellow developers are sure to help!
In case you want to learn a bit more, here are the resources that were crucial to helping me write this tutorial:

Facebook Icontwitter iconlinkedin icon
Rate this code example
star-empty
star-empty
star-empty
star-empty
star-empty
Related
Tutorial

Building a Crypto News Website in C# Using the Microsoft Azure App Service and MongoDB Atlas


Jun 13, 2023 | 9 min read
Tutorial

Designing a Strategy to Develop a Game with Unity and MongoDB


Jun 12, 2023 | 7 min read
Tutorial

How to Do Full-Text Search in a Mobile App with MongoDB Realm


Jul 14, 2023 | 3 min read
Tutorial

Building a Space Shooter Game in Unity that Syncs with Realm and MongoDB Atlas


Feb 03, 2023 | 24 min read
Technologies Used
Languages
Table of Contents