Hi David Are you sure that is correct? EntityCrypto makes use of the StringUtil hex methods whose implementations have now changed, couldn't that potentially break existing cc numbers?
Thanks Scott 2008/6/1 David E Jones <[EMAIL PROTECTED]>: > > Quick note: there have been no changes around credit card encryption, which > is two-way (ie encrypt and decrypt), only around the one-way password > encryption. > > -David > > > > On May 31, 2008, at 11:25 AM, Jacques Le Roux wrote: > > Is this a production DB or only test ? Yes, there have been some changes >> around encryption these last times. You may search for "crypt" in the commit >> ML; >> BTW I was not aware about problems with older DB (and I did not find any >> 607122 revision) from these changes. >> >> Jacques >> >> From: "nabin" <[EMAIL PROTECTED]> >> >>> >>> Hi, >>> I am using Ofbiz r607122 with postgress database. Now I am getting >>> "Problem >>> decrypting field [CreditCard / cardNumber]" while using the Ofbiz r656976 >>> with my existing databse. >>> I am also getting encrypted credit card number in webtools(Entity Data >>> Maintenance). But if I use a new instance of database then I am not >>> getting >>> that exception. Also the credit card number is as it is(non-encrypted) in >>> webtools. >>> Could anybody please look into this? >>> The exception that I am getting: >>> >>> 2008-05-20 14:48:41,664 (http-0.0.0.0-8443-Processor2) [ >>> GenericDelegator.java:3215:WARN ] >>> ---- exception report >>> ---------------------------------------------------------- >>> Problem decrypting field [CreditCard / cardNumber] >>> Exception: org.ofbiz.entity.EntityCryptoException >>> Message: Given final block not properly padded >>> ---- stack trace >>> --------------------------------------------------------------- >>> org.ofbiz.entity.EntityCryptoException: Given final block not properly >>> padded >>> org.ofbiz.entity.util.EntityCrypto.decrypt(EntityCrypto.java:87) >>> >>> org.ofbiz.entity.GenericDelegator.decryptFields(GenericDelegator.java:3210) >>> >>> org.ofbiz.entity.util.EntityListIterator.currentGenericValue(EntityListIterator.java:152) >>> >>> org.ofbiz.entity.util.EntityListIterator.next(EntityListIterator.java:287) >>> >>> org.ofbiz.entity.util.EntityListIterator.getCompleteList(EntityListIterator.java:401) >>> org.ofbiz.entity.GenericDelegator.findList(GenericDelegator.java:2286) >>> org.ofbiz.entity.GenericDelegator.findByAnd(GenericDelegator.java:1932) >>> org.ofbiz.minilang.method.entityops.FindByAnd.exec(FindByAnd.java:93) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> org.ofbiz.minilang.SimpleMethod.runSimpleMethod(SimpleMethod.java:134) >>> org.ofbiz.minilang.SimpleMethod.runSimpleService(SimpleMethod.java:116) >>> >>> org.ofbiz.minilang.SimpleServiceEngine.serviceInvoker(SimpleServiceEngine.java:76) >>> >>> org.ofbiz.minilang.SimpleServiceEngine.runSync(SimpleServiceEngine.java:51) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:384) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213) >>> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:149) >>> >>> org.ofbiz.service.eca.ServiceEcaAction.runAction(ServiceEcaAction.java:135) >>> org.ofbiz.service.eca.ServiceEcaRule.eval(ServiceEcaRule.java:151) >>> org.ofbiz.service.eca.ServiceEcaUtil.evalRules(ServiceEcaUtil.java:155) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:571) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213) >>> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:163) >>> org.ofbiz.minilang.method.callops.CallService.exec(CallService.java:246) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.ifops.IfEmpty.exec(IfEmpty.java:84) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.conditional.MasterIf.exec(MasterIf.java:76) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> >>> org.ofbiz.minilang.method.callops.CallSimpleMethod.exec(CallSimpleMethod.java:75) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.conditional.MasterIf.exec(MasterIf.java:88) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> org.ofbiz.minilang.SimpleMethod.runSimpleMethod(SimpleMethod.java:134) >>> org.ofbiz.minilang.SimpleMethod.runSimpleEvent(SimpleMethod.java:95) >>> >>> org.ofbiz.webapp.event.SimpleEventHandler.invoke(SimpleEventHandler.java:72) >>> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:454) >>> >>> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:281) >>> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:198) >>> org.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:78) >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:615) >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:688) >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >>> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:255) >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >>> >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210) >>> >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) >>> >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) >>> >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) >>> >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) >>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:542) >>> >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) >>> >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870) >>> >>> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) >>> >>> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) >>> >>> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) >>> >>> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685) >>> java.lang.Thread.run(Thread.java:595) >>> org.ofbiz.base.util.GeneralException: Given final block not properly >>> padded >>> org.ofbiz.base.crypto.DesCrypt.decrypt(DesCrypt.java:79) >>> org.ofbiz.entity.util.EntityCrypto.decrypt(EntityCrypto.java:85) >>> >>> org.ofbiz.entity.GenericDelegator.decryptFields(GenericDelegator.java:3210) >>> >>> org.ofbiz.entity.util.EntityListIterator.currentGenericValue(EntityListIterator.java:152) >>> >>> org.ofbiz.entity.util.EntityListIterator.next(EntityListIterator.java:287) >>> >>> org.ofbiz.entity.util.EntityListIterator.getCompleteList(EntityListIterator.java:401) >>> org.ofbiz.entity.GenericDelegator.findList(GenericDelegator.java:2286) >>> org.ofbiz.entity.GenericDelegator.findByAnd(GenericDelegator.java:1932) >>> org.ofbiz.minilang.method.entityops.FindByAnd.exec(FindByAnd.java:93) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> org.ofbiz.minilang.SimpleMethod.runSimpleMethod(SimpleMethod.java:134) >>> org.ofbiz.minilang.SimpleMethod.runSimpleService(SimpleMethod.java:116) >>> >>> org.ofbiz.minilang.SimpleServiceEngine.serviceInvoker(SimpleServiceEngine.java:76) >>> >>> org.ofbiz.minilang.SimpleServiceEngine.runSync(SimpleServiceEngine.java:51) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:384) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213) >>> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:149) >>> >>> org.ofbiz.service.eca.ServiceEcaAction.runAction(ServiceEcaAction.java:135) >>> org.ofbiz.service.eca.ServiceEcaRule.eval(ServiceEcaRule.java:151) >>> org.ofbiz.service.eca.ServiceEcaUtil.evalRules(ServiceEcaUtil.java:155) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:571) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213) >>> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:163) >>> org.ofbiz.minilang.method.callops.CallService.exec(CallService.java:246) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.ifops.IfEmpty.exec(IfEmpty.java:84) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.conditional.MasterIf.exec(MasterIf.java:76) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> >>> org.ofbiz.minilang.method.callops.CallSimpleMethod.exec(CallSimpleMethod.java:75) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.conditional.MasterIf.exec(MasterIf.java:88) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> org.ofbiz.minilang.SimpleMethod.runSimpleMethod(SimpleMethod.java:134) >>> org.ofbiz.minilang.SimpleMethod.runSimpleEvent(SimpleMethod.java:95) >>> >>> org.ofbiz.webapp.event.SimpleEventHandler.invoke(SimpleEventHandler.java:72) >>> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:454) >>> >>> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:281) >>> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:198) >>> org.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:78) >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:615) >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:688) >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >>> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:255) >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >>> >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210) >>> >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) >>> >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) >>> >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) >>> >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) >>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:542) >>> >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) >>> >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870) >>> >>> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) >>> >>> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) >>> >>> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) >>> >>> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685) >>> java.lang.Thread.run(Thread.java:595) >>> javax.crypto.BadPaddingException: Given final block not properly padded >>> com.sun.crypto.provider.SunJCE_h.b(DashoA12275) >>> com.sun.crypto.provider.SunJCE_h.b(DashoA12275) >>> com.sun.crypto.provider.DESedeCipher.engineDoFinal(DashoA12275) >>> javax.crypto.Cipher.doFinal(DashoA12275) >>> org.ofbiz.base.crypto.DesCrypt.decrypt(DesCrypt.java:72) >>> org.ofbiz.entity.util.EntityCrypto.decrypt(EntityCrypto.java:85) >>> >>> org.ofbiz.entity.GenericDelegator.decryptFields(GenericDelegator.java:3210) >>> >>> org.ofbiz.entity.util.EntityListIterator.currentGenericValue(EntityListIterator.java:152) >>> >>> org.ofbiz.entity.util.EntityListIterator.next(EntityListIterator.java:287) >>> >>> org.ofbiz.entity.util.EntityListIterator.getCompleteList(EntityListIterator.java:401) >>> org.ofbiz.entity.GenericDelegator.findList(GenericDelegator.java:2286) >>> org.ofbiz.entity.GenericDelegator.findByAnd(GenericDelegator.java:1932) >>> org.ofbiz.minilang.method.entityops.FindByAnd.exec(FindByAnd.java:93) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> org.ofbiz.minilang.SimpleMethod.runSimpleMethod(SimpleMethod.java:134) >>> org.ofbiz.minilang.SimpleMethod.runSimpleService(SimpleMethod.java:116) >>> >>> org.ofbiz.minilang.SimpleServiceEngine.serviceInvoker(SimpleServiceEngine.java:76) >>> >>> org.ofbiz.minilang.SimpleServiceEngine.runSync(SimpleServiceEngine.java:51) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:384) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213) >>> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:149) >>> >>> org.ofbiz.service.eca.ServiceEcaAction.runAction(ServiceEcaAction.java:135) >>> org.ofbiz.service.eca.ServiceEcaRule.eval(ServiceEcaRule.java:151) >>> org.ofbiz.service.eca.ServiceEcaUtil.evalRules(ServiceEcaUtil.java:155) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:571) >>> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:213) >>> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:163) >>> org.ofbiz.minilang.method.callops.CallService.exec(CallService.java:246) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.ifops.IfEmpty.exec(IfEmpty.java:84) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.conditional.MasterIf.exec(MasterIf.java:76) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> >>> org.ofbiz.minilang.method.callops.CallSimpleMethod.exec(CallSimpleMethod.java:75) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.method.conditional.MasterIf.exec(MasterIf.java:88) >>> org.ofbiz.minilang.SimpleMethod.runSubOps(SimpleMethod.java:1104) >>> org.ofbiz.minilang.SimpleMethod.exec(SimpleMethod.java:744) >>> org.ofbiz.minilang.SimpleMethod.runSimpleMethod(SimpleMethod.java:134) >>> org.ofbiz.minilang.SimpleMethod.runSimpleEvent(SimpleMethod.java:95) >>> >>> org.ofbiz.webapp.event.SimpleEventHandler.invoke(SimpleEventHandler.java:72) >>> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:454) >>> >>> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:281) >>> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:198) >>> org.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:78) >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:615) >>> javax.servlet.http.HttpServlet.service(HttpServlet.java:688) >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >>> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:255) >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >>> >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210) >>> >>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) >>> >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) >>> >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) >>> >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) >>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:542) >>> >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) >>> >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870) >>> >>> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665) >>> >>> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528) >>> >>> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81) >>> >>> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685) >>> java.lang.Thread.run(Thread.java:595) >>> >>> -------------------------------------------------------------------------------- >>> >>> -- >>> View this message in context: >>> http://www.nabble.com/Problem-decrypting-field--CreditCard---cardNumber--tp17532434p17532434.html >>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>> >> >> >
