ofbiz-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Divesh Dutta (JIRA)" <j...@apache.org>
Subject [jira] [Created] (OFBIZ-6071) Issue in decrypting entity fields where encrypt="true" is used in tenant
Date Fri, 13 Feb 2015 09:27:12 GMT
Divesh Dutta created OFBIZ-6071:
-----------------------------------

             Summary: Issue in decrypting entity fields where encrypt="true" is used in tenant

                 Key: OFBIZ-6071
                 URL: https://issues.apache.org/jira/browse/OFBIZ-6071
             Project: OFBiz
          Issue Type: Bug
          Components: framework
    Affects Versions: Trunk, Upcoming Branch
            Reporter: Divesh Dutta


Error while adding a credit card from order manager when logged in with tenant account.

The error is as following:

ERROR rendering error page [/error/error.jsp], but here is the error text: org.ofbiz.widget.renderer.ScreenRenderException:
Error rendering screen [component://party/widget/partymgr/PaymentMethodScreens.xml#editcreditcard]:
org.ofbiz.widget.renderer.ScreenRenderException: Error rendering screen [component://party/widget/partymgr/PaymentMethodScreens.xml#PaymentMethodDecorator]:
org.ofbiz.entity.transaction.GenericTransactionException: The current transaction is marked
for rollback, not beginning a new transaction and aborting current operation; the rollbackOnly
was caused by: Failure in findByCondition operation for entity [CreditCard]: org.ofbiz.entity.GenericEntityException:
Error creating GenericValue (org.ofbiz.base.util.GeneralException: javax.crypto.BadPaddingException:
Given final block not properly padded (Given final block not properly padded) (javax.crypto.BadPaddingException:
Given final block not properly padded (Given final block not properly padded))). Rolling back
transaction.org.ofbiz.entity.GenericEntityException: Error creating GenericValue (org.ofbiz.base.util.GeneralException:
javax.crypto.BadPaddingException: Given final block not properly padded (Given final block
not properly padded) (javax.crypto.BadPaddingException: Given final block not properly padded
(Given final block not properly padded))) 


It seems there is some issue with encryption-decryption mechanism for the fields of an entity
for which encrypt="true" is set. From the exception it seemed that incorrect key is being
used for decryption i.e. the key is not appropriate with respect to the one which was used
for encryption.

After tracing the process flow we suspect that in SqlJdbcUtil.java while calling 'decryptFieldValue'
the delegator which is being used is baseDelegator instead of tenant's delegator, but at the
time of encryption using 'encryptFieldValue' the delegator was tenant's delegator. May be
this is the reason why it is generating "javax.crypto.BadPaddingException".


Steps to regenerate:
1. Create a tenant and login to tenant's admin account.
2. Navigate to ORDER > Order Entry > Sales Order
3. Use Demo Customer as Customer and continue.
4. Add some item to order and proceed for Quick Finalize Order.
5. Try to add new credit card.
6. On saving credit card information it will generate the above error. 





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message