Hi folks,
One of my clients is having a problem with an older module of mine, which isn't compatible with the encryption features in newer versions of MM. The module stored some encrypted data in its own DB table, not in OrderPayments. The client recently ran the Encryption Wizard to update their store's key. Now they can no longer decrypt the data saved by the module, and the old key was deleted when they ran the wizard. Bummer ...
To fix this, I think I need to start by returning the store to the old key. We remember the old passphrase; it hasn't been that long. The Wizard says that "A different passphrase should be used each time you generate an encryption key," but I don't think it actually prevents you from re-using an old passphrase. However, it occurred to me that the key-generation process might use a time stamp or other unique data, so that using the same passphrase twice might produce two different keys. Can someone please confirm whether or not this will work? Does a passphrase always produce the same key?
If I get the old key restored, I can write code that will decrypt the data using the old key, and save it in the OrderPayments table. Then I can update the module to use OrderPayments instead of its private table. Once that's done, they can run the Wizard whenever they want, and the module's data will get re-encrypted along with everything else. The critical part is restoring the old key; hope someone can give me some good news about that?
Thanks --
One of my clients is having a problem with an older module of mine, which isn't compatible with the encryption features in newer versions of MM. The module stored some encrypted data in its own DB table, not in OrderPayments. The client recently ran the Encryption Wizard to update their store's key. Now they can no longer decrypt the data saved by the module, and the old key was deleted when they ran the wizard. Bummer ...
To fix this, I think I need to start by returning the store to the old key. We remember the old passphrase; it hasn't been that long. The Wizard says that "A different passphrase should be used each time you generate an encryption key," but I don't think it actually prevents you from re-using an old passphrase. However, it occurred to me that the key-generation process might use a time stamp or other unique data, so that using the same passphrase twice might produce two different keys. Can someone please confirm whether or not this will work? Does a passphrase always produce the same key?
If I get the old key restored, I can write code that will decrypt the data using the old key, and save it in the OrderPayments table. Then I can update the module to use OrderPayments instead of its private table. Once that's done, they can run the Wizard whenever they want, and the module's data will get re-encrypted along with everything else. The critical part is restoring the old key; hope someone can give me some good news about that?
Thanks --
Comment