Strange behavior when setting or changing encryption key

For general questions and discussions specific to the AbleCommerce GOLD ASP.Net shopping cart software.
Post Reply
jguengerich
Commodore (COMO)
Commodore (COMO)
Posts: 436
Joined: Tue May 07, 2013 1:59 pm

Strange behavior when setting or changing encryption key

Post by jguengerich » Tue Jan 10, 2017 8:53 am

Using AbleCommerce GOLD VERSION: 7.0.92.9266
Release Label: GoldR12SR1

I was testing the recryption fix mentioned towards the end of this thread:viewtopic.php?f=65&t=18580.

I changed the source code for SaveRecryptedData and recompiled. Then (on our test server) I tried to add an encryption key (it didn't have one set). After clicking OK on the confirmation dialog, the page showed the message that the key was being updated, but nothing else happened, and there was no CPU activity. I went to the Error Log, and I had the following error:
2017-01-09 17:00:52,682 ERROR AbleCommerce An error has occured at https://[server]/Admin/Store/Security/EncryptionKey.aspx
System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at CommerceBuilder.Configuration.EncryptionKeyManager.SetEncryptionKey(String passPhrase)
at AbleCommerce.Admin._Store.Security._EncryptionKey.UpdateButton_Click(Object sender, EventArgs e) in c:\inetpub\ACR12SR1\Admin\Store\Security\EncryptionKey.aspx.cs:line 29
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at ASP.admin_store_security_encryptionkey_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\61c61e0f\1431fe7\App_Web_mlo0y33l.7.cs:line 0
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
When I went back to the Encryption page, it said the data was being encrypted, but there was still no CPU activity and the data was still in the unencrypted state. I cancelled the encryption, then ran it again with DECRYPT. It said it finished.
So I copied the previous CommerceBuilder.dll back and tried again, with the same result.

My next step was to log error messages before each line of code in CommerceBuilder.Configuration.EncryptionKeyManager.SetEncryptionKey(String passPhrase) to see where the null reference was occurring. It was when it tried to execute this line:

Code: Select all

// LAUNCH RECRYPTION PROCESS (CURRENT KEY CANNOT BE NULL AS IT IS INITIALIZED ABOVE)
RecryptionHelper.RecryptDatabase(this.PreviousKey != null ? this.PreviousKey.KeyData : null, this.CurrentKey.KeyData);
I put a breakpoint on that line, and when it stopped there, this.CurrentKey was null. So I put a breakpoint on the previous line and tried again. When it stopped there, this.CurrentKey was null. However, when I stepped to the line above, this.CurrentKey had a value. I could then let the code continue running, and the encryption worked fine.
I changed the code to this:

Code: Select all

int nullCheckCount = 0;
while (this.CurrentKey == null && nullCheckCount < 10)
{
    Logger.Error("CurrentKey is null, will loop and check again.");
    nullCheckCount++;
}

// LAUNCH RECRYPTION PROCESS (CURRENT KEY CANNOT BE NULL AS IT IS INITIALIZED ABOVE)
RecryptionHelper.RecryptDatabase(this.PreviousKey != null ? this.PreviousKey.KeyData : null, this.CurrentKey.KeyData);
I tried it several times, and each time the loop would execute once when I encrypted, but not when I decrypted. I just tried it again now, and sometimes the loop executes once and sometimes it doesn't.

Does anyone have any idea what would cause this delay in setting this.CurrentKey? I haven't tried it on our live server yet, but I have never had any problems changing the encryption key there since setting a machineKey in the web.config file. Our test server also has a machineKey in the web.config file, but I'm not sure when I last tried using encryption there.
Jay

Post Reply