import java.io.CharArrayReader;
import java.io.InputStream;
import java.io.Reader;
+import java.security.Provider;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.jcr.Session;
import org.apache.commons.io.IOUtils;
-import org.argeo.ArgeoException;
+import org.argeo.jcr.ArgeoJcrException;
import org.argeo.jcr.ArgeoNames;
import org.argeo.jcr.ArgeoTypes;
import org.argeo.jcr.JcrUtils;
Node userHome = UserJcrUtils.getUserHome(session);
return userHome.hasNode(ARGEO_KEYRING);
} catch (RepositoryException e) {
- throw new ArgeoException("Cannot check whether keyring is setup", e);
+ throw new ArgeoJcrException("Cannot check whether keyring is setup", e);
}
}
try {
Node userHome = UserJcrUtils.getUserHome(session);
if (userHome.hasNode(ARGEO_KEYRING))
- throw new ArgeoException("Keyring already setup");
+ throw new ArgeoJcrException("Keyring already setup");
Node keyring = userHome.addNode(ARGEO_KEYRING);
keyring.addMixin(ArgeoTypes.ARGEO_PBE_SPEC);
// TODO check if algo and key length are available, use DES if not
keyring.setProperty(ARGEO_SECRET_KEY_FACTORY, secreteKeyFactoryName);
keyring.setProperty(ARGEO_KEY_LENGTH, secreteKeyLength);
- keyring.setProperty(ARGEO_SECRET_KEY_ENCRYPTION,
- secreteKeyEncryption);
+ keyring.setProperty(ARGEO_SECRET_KEY_ENCRYPTION, secreteKeyEncryption);
keyring.setProperty(ARGEO_CIPHER, cipherName);
+ // keyring.getSession().save();
+
// encrypted password hash
// IOUtils.closeQuietly(in);
// JcrUtils.closeQuietly(binary);
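Review bot: The added `// keyring.getSession().save();` is commented-out code with no explanation, so a reader cannot tell whether leaving the new keyring node unsaved at this point is deliberate. Either drop the line or replace it with a sentence that says so, for example `// not saved here; the node is persisted later (state where)`. The unchanged TODO above the `ARGEO_SECRET_KEY_FACTORY` property still talks about falling back to DES; if that fallback is ever implemented it would weaken every keyring created on such a JVM, so failing the setup would be the safer behaviour. The enclosing method starts and ends outside this hunk.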
notYetSavedKeyring.set(keyring);
} catch (Exception e) {
- throw new ArgeoException("Cannot setup keyring", e);
+ throw new ArgeoJcrException("Cannot setup keyring", e);
} finally {
JcrUtils.closeQuietly(binary);
IOUtils.closeQuietly(in);
else if (notYetSavedKeyring.get() != null)
keyring = notYetSavedKeyring.get();
else
- throw new ArgeoException("Keyring not setup");
+ throw new ArgeoJcrException("Keyring not setup");
- pbeCallback.set(keyring.getProperty(ARGEO_SECRET_KEY_FACTORY)
- .getString(), JcrUtils.getBinaryAsBytes(keyring
- .getProperty(ARGEO_SALT)),
+ pbeCallback.set(keyring.getProperty(ARGEO_SECRET_KEY_FACTORY).getString(),
+ JcrUtils.getBinaryAsBytes(keyring.getProperty(ARGEO_SALT)),
(int) keyring.getProperty(ARGEO_ITERATION_COUNT).getLong(),
(int) keyring.getProperty(ARGEO_KEY_LENGTH).getLong(),
- keyring.getProperty(ARGEO_SECRET_KEY_ENCRYPTION)
- .getString());
+ keyring.getProperty(ARGEO_SECRET_KEY_ENCRYPTION).getString());
if (notYetSavedKeyring.get() != null)
notYetSavedKeyring.remove();
} catch (RepositoryException e) {
- throw new ArgeoException("Cannot handle key spec callback", e);
+ throw new ArgeoJcrException("Cannot handle key spec callback", e);
}
}
if (!session.nodeExists(path)) {
String parentPath = JcrUtils.parentPath(path);
if (!session.nodeExists(parentPath))
- throw new ArgeoException("No parent node of " + path);
+ throw new ArgeoJcrException("No parent node of " + path);
Node parentNode = session.getNode(parentPath);
node = parentNode.addNode(JcrUtils.nodeNameFromPath(path));
} else {
node.setProperty(Property.JCR_DATA, binary);
session.save();
} catch (Exception e) {
- throw new ArgeoException("Cannot encrypt", e);
+ throw new ArgeoJcrException("Cannot encrypt", e);
} finally {
IOUtils.closeQuietly(unencrypted);
IOUtils.closeQuietly(in);
Node node = session.getNode(path);
if (node.hasProperty(ARGEO_IV)) {
- byte[] iv = JcrUtils.getBinaryAsBytes(node
- .getProperty(ARGEO_IV));
- cipher.init(Cipher.DECRYPT_MODE, secretKey,
- new IvParameterSpec(iv));
+ byte[] iv = JcrUtils.getBinaryAsBytes(node.getProperty(ARGEO_IV));
+ cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
} else {
cipher.init(Cipher.DECRYPT_MODE, secretKey);
}
return new CipherInputStream(encrypted, cipher);
}
} catch (Exception e) {
- throw new ArgeoException("Cannot decrypt", e);
+ throw new ArgeoJcrException("Cannot decrypt", e);
} finally {
IOUtils.closeQuietly(encrypted);
IOUtils.closeQuietly(reader);
try {
Node userHome = UserJcrUtils.getUserHome(session);
if (!userHome.hasNode(ARGEO_KEYRING))
- throw new ArgeoException("Keyring not setup");
+ throw new ArgeoJcrException("Keyring not setup");
Node keyring = userHome.getNode(ARGEO_KEYRING);
- Cipher cipher = Cipher.getInstance(keyring
- .getProperty(ARGEO_CIPHER).getString(),
- getSecurityProvider());
+ String cipherName = keyring.getProperty(ARGEO_CIPHER).getString();
+ Provider securityProvider = getSecurityProvider();
+ Cipher cipher;
+ if (securityProvider == null)// TODO use BC?
+ cipher = Cipher.getInstance(cipherName);
+ else
+ cipher = Cipher.getInstance(cipherName, securityProvider);
return cipher;
} catch (Exception e) {
- throw new ArgeoException("Cannot get cipher", e);
+ throw new ArgeoJcrException("Cannot get cipher", e);
}
}
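Review bot: When `getSecurityProvider()` returns null, the new branch quietly calls `Cipher.getInstance(cipherName)`, so which implementation handles the keyring depends on the JVM's provider order, and `// TODO use BC?` does not say whether that is intended. `cipherName` is read from the keyring node and is not checked; if it can be a bare algorithm name, mode and padding then come from whichever provider answers, which may differ between hosts. I would state the fallback in a comment, e.g. `// no provider configured: use the JVM default provider order`, and reject names without an explicit mode and padding, e.g. `if (cipherName.indexOf('/') < 0) throw new ArgeoJcrException("Cipher must name mode and padding: " + cipherName);`. Bracing both branches of the `if`/`else` would also stop the trailing comment from crowding the condition. The method's signature is outside the hunk.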
- public synchronized void changePassword(char[] oldPassword,
- char[] newPassword) {
+ public synchronized void changePassword(char[] oldPassword, char[] newPassword) {
// TODO decrypt with old pw / encrypt with new pw all argeo:encrypted
}