Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 332218

Summary: Double encryption is happening when attempting to access the database using a custom EncryptionHelper plugin.
Product: z_Archived Reporter: christopher.forrester
Component: BIRTAssignee: Xuelan Li <xuelan.li>
Status: RESOLVED WORKSFORME QA Contact: Xiaoying Gu <bluesoldier>
Severity: major    
Priority: P3 CC: bluesoldier
Version: unspecified   
Target Milestone: 3.7.0   
Hardware: All   
OS: All   
Whiteboard:

Description christopher.forrester CLA 2010-12-09 11:18:29 EST
Build Identifier: 2.5.2

Implementing an encryption algorithm in the EncryptionHelper results in database access failure, while simply echoing the plaintext results in success.

During report processing, the following two lines of code seem to contradict each other, and appear to result in double-encryption of the password:

ReportDesignSerializer.localizePropertyValues(DesignElement, DesignElement):
    value = EncryptionUtil.encrypt( propDefn, encryption, value );
    newElement.setProperty( propDefn, value );

- and -

ModuleWriter.writeProperty(DesignElement, String, String, Boolean):
    // getLocalProperty will return decrypted value, so encrypt it here
    xml = (String) EncryptionUtil.encrypt( propDefn, encryptionID, xml );


Reproducible: Always

Steps to Reproduce:
1. Create a custom EncryptionHelper plugin.
2. Utilize the EncryptionHelper during report processing.
Comment 1 christopher.forrester CLA 2010-12-23 10:12:12 EST
This was happening due to differences between the formatting of output from decryption/encryption methods within the host software.
Comment 2 Xuelan Li CLA 2011-03-28 23:14:49 EDT
Test with extended encryptionable property. All cases work right including parser, changing property value by command, clone and document generating.
Can not reproduce. Maybe, user behavior about EncryptionHelper is wrong. As expected, value passed to PropertyHandle::setValue(String) must be orginal non-encrypted value, for example, if you want to set password to "1234" then String "1234" must be passed to handle method rather than encrypted string. In another point, the value returned by PropertyHandle::getValue/getStringValue will be non-encrypted value like "1234".
Comment 3 Xuelan Li CLA 2011-03-28 23:16:38 EDT
It works in my test.